Breach Brief – Exactis

Published On June 29, 2018 | By Tom Huskerson | Breach Briefs

Who is Exactis and what do they know about me? That is the question you need to be asking.  No, you haven’t heard of Exactis but they may have exposed some of your most personal information to hackers. You, along and the everybody else in the U.S.

Exactis is a major data gathering company based in Palm Coast, FL. The Exactis website describes the company as a compiler and aggregator of business and consumer data. Exactis claims to have a store of information it refers to as a “universal data warehouse” that contains 3.5 billion consumer, business and digital records. Exactis claims these records are updated monthly. According to Exactis’ LinkedIn profile it is a privately owned company with only 10 employees. Exactis gathers this information from cookies on personal computers. credit and debit transaction records and other sources.

Now you should ask what do they know about me? The exposed records contains more than 400 different characteristics that include whether the person smokes, what their religion is and whether they have dogs or cats. But, according to Wired.com some of the information is inaccurate or outdated.

Your next question is; how did this happen? According to security researcher Vinny Troia the company leaked the data of 340 million individuals by storing it on an unsecured server accessible through the internet. According to Wired.com Troia discovered what he describes nearly two terabytes of data. 

Troia reported the data breach to both Exactis and the FBI. Exactis reacted by securing the data so that it’s no longer accessible.

But now ask; did criminals know this? Did they access the information? The answer to that question is unknown. But since Exactis has not admitted to the data breach and it is no longer accessible no one really know how many people are affected. According to Wired.com Troia found two versions of the database each holding an estimated 340 million records. This number breaks down into 230 million consumers records  and 110 million on business contacts.  

But Marc Rotenberg, the executive director of the non-profit Electronic Privacy Information Center said,  “The likelihood of financial fraud is not that great , but the possibility of impersonation or profiling is certainly there. Rotenberg stated that while some of the data is available in public records, much of it appears to be the sort of non-public information that data brokers aggregate from sources like magazine subscriptions, credit card transaction data sold by banks, and credit reports. “A lot of this information is now routinely gathered on American consumers,” Rotenberg adds.

 

 

Like this Article? Share it!

About The Author

Tom Huskerson Bio Born in Richmond Virginia Tom Huskerson is a military veteran who settled in California after his discharge. He attended Santa Barbara City College where he began his writing career as a campus reporter. He worked as an intern news reporter for the Santa Barbara News-Press writing feature stories before moving on to San Francisco. At San Francisco State University Tom studied broadcast communications and began to focus on the Internet. He completed his graduate thesis on Internet advertising. Tom was the first student to ever focus on the Internet as a graduate student at San Francisco State University. After graduation he went to work for Zona Research in California’s Silicone Valley. As a research associate Tom supported senior analyst writing on the latest developments in the Internet industry. During the dot com boom Tom worked for several web businesses as a market researcher and analyst. As a writer and researcher Tom has authored various technical works including a training program for Charles Schwab security. Other projects included professional presentations on workplace violence and hiring security contractors. Tom has returned to focus on writing both fiction and non-fiction works and blogging for a travel website. He has published two books of short stories and completed two novels. Tom is the owner of Scribe of Life Literature and EbonyCandle. Most recently Tom has launched the blog African American Cyber Report. The blog is the result of his desire to inform the African American community of the dangers and benefits of the cyber age. In his blog Tom reports on information security, new and analysis, scams and hoaxes, legal happenings and various topics that arise from the age of information. Tom believes that technology is a necessary tool for black people and they should know what is happening. Tom writes believing that techno speak is for the professional and that valuable information can be communicated using plain language. As a result he has embraced the motto, Less Tech, More Knowledge.

Leave a Reply

Your email address will not be published. Required fields are marked *