A significant data exposure has come to light involving a database owned by SL Data Services, which contained over 640,000 records that were publicly accessible without any password protection or encryption. Cybersecurity researcher Jeremiah Fowler uncovered this alarming breach, which included sensitive information such as full names, addresses, email addresses, employment details, social media accounts, phone numbers, and criminal records.
The records, primarily categorized as 'background checks', raise serious concerns regarding the consent of the individuals whose information was exposed. The nature of this data leak leaves many vulnerable to potential social engineering attacks, as criminals could exploit the sensitive information to deceive victims.
While the database was secured following a responsible disclosure notice, the risk of identity theft remains high, with exposed individuals facing possible financial losses. Currently, there is no evidence suggesting that criminals accessed the open database before it was restricted, but cybersecurity experts will likely monitor the dark web for any signs of the data being sold.
This incident is not isolated; earlier this year, National Public Data experienced a massive data breach, leading to a class action lawsuit for inadequate protection of personal records.