Connect with us

Hi, what are you looking for?

Tech & Science

What happens with no password? 82 million records are exposed

A non-password-protected database that contained over 82 million records has been found to be vulnerable by security researchers.

Image: © AFP
Image: © AFP

The latest cyber-incident has impacted ProQuality Solutions. This relates to an unprotected database that exposed the customer information of companies. The types of firms affected were big players in the U.S. retail space, such as Whole Foods (owned by Amazon) and Skaggs (which sells various uniforms to different industrial sectors).

The size of leaked data represented:

  • Total Size: 9.57 GB
  • Total Records when first discovered: 28,035,225 (4/25- 7/11)
  • Total Records when notice was sent 82,099,847 (4/25- 7/30)

According to one survey, unsecured databases left exposed on the web are targeted by cyber criminals at least eighteen times each day.

Looking into the database vulnerabilities for Digital Journal is security expert Robert Prigge, CEO of Jumio (a company that deals with online identity verification and user authentication).

According to Prigge, the issue demonstrates the vulnerability of data in general across many systems. The world is reliant upon digital data, and data is of great value, yet the hunt for vulnerabilities with systems that hold data is major focal point for cybercriminals.

Highlighting the data vulnerability aspect, Prigge says: “The exposure of 82 million records confirms that no personally identifiable information is safe online through traditional methods of storage and protection.”

The reason for this, Prigge explains is because: “Threat actors could easily leverage partial credit card numbers, emails and physical addresses to conduct social engineering attacks on victims and steal additional data, such as full payment details or Social Security numbers.”

There are other vulnerabilities too: “In addition, fraudsters can combine the exposed data with other available information on the dark web and access additional user accounts set up with this information, including social media profiles, health insurance portals, banking applications and more.”

This means a proactive response to potential data vulnerabilities is essential. As Prigge puts it: “Any database containing personal indefinable information should not only be secured but should extend beyond basic password protection.”

More secure methods that can thwart many malicious actors include: “Face-based biometric authentication is significantly more secure, reliable and delivers a much higher level of assurance.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

As AI has become more and more sophisticated, it appears that many of the jobs (and skills) that were what set people apart are...

Tech & Science

Electric are sales are on the rise in the UK. What is the future for petrol cars?

World

Billionaire Elon Musk sparked controversy after making a gesture at an event celebrating US President Donald Trump's inauguration.

World

Nguyen Thi Hiep is joining a wave of workers rejecting Ho Chi Minh City for a quieter life back home - Copyright AFP Nhac...