Yahoo Finance Analytics firm exposed data for 120 million households
It could have been used for fraud on a large scale.
Exposed databases are all too common, but this one may be more serious than most. Researchers at UpGuard discovered that the Australian market analysis firm Tetrad left data for 120 million households exposed in Amazon S3 storage. It appeared to be a blend of data from providers like Experian Mosaic, Claritas/Nielsen's PRIZM as well as Tetrad customers like Chipotle, Kate Spade and Bevmo. The info varied from source to source, but frequently included sensitive details like names, addresses and purchasing habits. Experian Mosaic's data, for example, sorted users into types based on factors like income.
Tetrad responded relatively quickly. UpGuard said it found and notified Tetrad of the exposure on February 3rd, and a back-and-forth led to the data being locked down on February 10th. It's not certain whether anyone besides UpGuard or Tetrad accessed the data, however.
The findings underscore one of the problems with collecting data on a large scale. It not only raises concerns about what companies do with your data, it also increases the chances that this data might fall into the wrong hands. It's also a stark reminder that your data is only as secure as the weakest link in the chain -- a simple mistake by a partner can render a company's security measures pointless.
