The data found on a "publicly accessible" server holds appears to include info on "hundreds of millions of American adults, as well as millions of businesses".
They also record their hobbies, interests and habits, as well as the number, age, and gender of any children they have.
The good news is that Exactis doesn't appear to have leaked financial information, Social Security Numbers, or similar highly sensitive data. So the company has since protected the data, rendering it inaccessible.
Exactis is not a company that I had even heard about until today, but apparently, they have probably heard of me.
What makes this data exposure scary is that Exactis may have your data and you don't even know it.
The company is called Exactis, and it's one of the many shadowy operations that trade and collate people's personal data so that ads can be accurately targeted at them. "I was impressed to see that much information per person".
As Wired points out, the chances of financial fraud are relatively low due to the fact that banking details and social security numbers weren't included in the breach. Troia reported the breach to the company and the Federal Bureau of Investigation last week and told Wired that the company has now protected the data so it is no longer available. He said the trove contained 340 million records that included names, addresses, phone numbers and email addresses.
Robert Capps, vice president and authentication strategist for NuData Security, a behavioral biometrics company based in Vancouver, British Columbia, said "if US citizens did not think their personal information has ever been compromised, this should convince them it definitely is".
A new data leak could affect hundreds of millions of Americans, perhaps more than the almost 150 million affected by the Equifax breach. "Further, as 110 million of the records pertain to businesses, criminals could utilize the data for spear-phishing campaigns aimed at data exfiltration", Fischbach wrote via email.
The said database has now been reconfigured by Exactis so that it can not be accessed publicly but it is not known how long it was configured for public access before Troia discovered it. Chief Executive Officer Marissa Mayer, right, speaks as he testifies before the Senate Commerce Committee on Capitol Hill in Washington, Wednesday, Nov. 8, 2017, during a hearing on "Protecting Consumers in the Era of Major Data Breaches" after the 2013 data breach at Yahoo! that affected 3 billion user accounts. For example, things like religion, whether the person smoked or not, or if they had any pets are found within the database.