Exactis

Last updated
Exactis LLC
Industry Marketing
Founded2015
Headquarters
Palm Coast, Florida [1]
,
United States [2]
Website http://www.exactis.com/

Exactis LLC is a data broker established in 2015 and based in the U.S state of Florida. The firm reportedly handles business and consumer data in an effort to refine targeted advertising. [3]

Data leak

Exactis became notable in June 2018, after a discovery by cybersecurity researcher Vinny Troia [4] detailed how the organization made nearly 340 million detailed records about individual people available on a publicly accessible server, [2] [5] [3] leaving those people at heightened risk of being impersonated, profiled or otherwise exploited through social engineering. The information has reportedly since been protected and removed from the public. [1] However, the leak is notable due to the breach of data that was exposed, surpassing the Equifax breach which had exposed 145 million customers' personal data the year prior. [6]

Exactis had reportedly accumulated some or all of its information without the knowledge or explicit consent of the data subjects. [1]

Related Research Articles

<span class="mw-page-title-main">Uber</span> American vehicle for hire, freight, food delivery, courier, and parcel delivery company

Uber Technologies, Inc. (Uber), based in San Francisco, provides mobility as a service/ride-hailing, food delivery/package delivery/couriers via Uber Eats and Postmates, and freight transport. Uber sets fares, which vary using a dynamic pricing model based on local supply and demand at the time of the booking and are quoted to the customer in advance, and receives a commission from each booking. It has operations in approximately 70 countries and 10,500 cities and, with 131 million monthly active users and 5.4 million active drivers and couriers worldwide, it generates an average of 23 million trips per day.

<span class="mw-page-title-main">Equifax</span> American multinational consumer credit reporting agency in Atlanta, Georgia

Equifax Inc. is an American multinational consumer credit reporting agency headquartered in Atlanta, Georgia and is one of the three largest consumer credit reporting agencies, along with Experian and TransUnion. Equifax collects and aggregates information on over 800 million individual consumers and more than 88 million businesses worldwide. In addition to credit and demographic data and services to business, Equifax sells credit monitoring and fraud prevention services directly to consumers.

A data broker is an individual or company that specializes in collecting personal data or data about companies, mostly from public records but sometimes sourced privately, and selling or licensing such information to third parties for a variety of uses. Sources, usually Internet-based since the 1990s, may include census and electoral roll records, social networking sites, court reports and purchase histories. The information from data brokers may be used in background checks used by employers and housing.

<span class="mw-page-title-main">Timeline of Internet conflicts</span>

The Internet has a long history of turbulent relations, major maliciously designed disruptions, and other conflicts. This is a list of known and documented Internet, Usenet, virtual community and World Wide Web related conflicts, and of conflicts that touch on both offline and online worlds with possibly wider reaching implications.

<span class="mw-page-title-main">Data breach</span> Intentional or unintentional release of secure information

A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen, altered or used by an individual unauthorized to do so. Other terms are unintentional information disclosure, data leak, information leakage and data spill. Incidents range from concerted attacks by individuals who hack for personal gain or malice, organized crime, political activists or national governments, to poorly configured system security or careless disposal of used computer equipment or data storage media. Leaked information can range from matters compromising national security, to information on actions which a government or official considers embarrassing and wants to conceal. A deliberate data breach by a person privy to the information, typically for political purposes, is more often described as a "leak".

<span class="mw-page-title-main">Aadhaar</span> Indian national identification number

Aadhaar is a 12-digit unique identity number that can be obtained voluntarily by the citizens of India and resident foreign nationals who have spent over 182 days in twelve months immediately preceding the date of application for enrolment, based on their biometric and demographic data. The data is collected by the Unique Identification Authority of India (UIDAI), a statutory authority established in January 2009 by the Government of India, under the jurisdiction of the Ministry of Electronics and Information Technology, following the provisions of the Aadhaar Act, 2016.

The 2012 LinkedIn hack refers to the computer hacking of LinkedIn on June 5, 2012. Passwords for nearly 6.5 million user accounts were stolen. Yevgeniy Nikulin was convicted of the crime and sentenced to 88 months in prison.

In June 2015, the United States Office of Personnel Management (OPM) announced that it had been the target of a data breach targeting personnel records. Approximately 22.1 million records were affected, including records related to government employees, other people who had undergone background checks, and their friends and family. One of the largest breaches of government data in U.S. history, information that was obtained and exfiltrated in the breach included personally identifiable information such as Social Security numbers, as well as names, dates and places of birth, and addresses. State-sponsored hackers working on behalf of the Chinese government carried out the attack.

<span class="mw-page-title-main">Have I Been Pwned?</span> Consumer security website and email alert system

Have I Been Pwned? is a website that allows Internet users to check whether their personal data has been compromised by data breaches. The service collects and analyzes hundreds of database dumps and pastes containing information about billions of leaked accounts, and allows users to search for their own information by entering their username or email address. Users can also sign up to be notified if their email address appears in future dumps. The site has been widely touted as a valuable resource for Internet users wishing to protect their own security and privacy. Have I Been Pwned? was created by security expert Troy Hunt on 4 December 2013.

On March 27, 2016, hackers under the banner "Anonymous Philippines" hacked into the website of the Philippine Commission on Elections (COMELEC) and defaced it. The hackers left a message calling for tighter security measures on the vote counting machines (VCM) to be used during the 2016 Philippine general election on May 9. Within the day a separate group of hackers, LulzSec Pilipinas posted an online link to what it claims to be the entire database of COMELEC and updated the post to include three mirror link to the index of the database's downloadable files. The leaked files by LulzSec Pilipinas amounts to 340 gigabytes.

The Internet service company Yahoo! was subjected to the largest data breach on record. Two major data breaches of user account data to hackers were revealed during the second half of 2016. The first announced breach, reported in September 2016, had occurred sometime in late 2014, and affected over 500 million Yahoo! user accounts. A separate data breach, occurring earlier around August 2013, was reported in December 2016. Initially believed to have affected over 1 billion user accounts, Yahoo! later affirmed in October 2017 that all 3 billion of its user accounts were impacted. Both breaches are considered the largest discovered in the history of the Internet. Specific details of material taken include names, email addresses, telephone numbers, encrypted or unencrypted security questions and answers, dates of birth, and hashed passwords. Further, Yahoo! reported that the late 2014 breach likely used manufactured web cookies to falsify login credentials, allowing hackers to gain access to any account without a password.

In the 2010s, personal data belonging to millions of Facebook users was collected without their consent by British consulting firm Cambridge Analytica, predominantly to be used for political advertising.

The Equifax data breach occurred between May and July 2017 at the American credit bureau Equifax. Private records of 147.9 million Americans along with 15.2 million British citizens and about 19,000 Canadian citizens were compromised in the breach, making it one of the largest cybercrimes related to identity theft. In a settlement with the United States Federal Trade Commission, Equifax offered affected users settlement funds and free credit monitoring.

<span class="mw-page-title-main">Distributed Denial of Secrets</span> Whistleblowing organization

Distributed Denial of Secrets, abbreviated DDoSecrets, is a non-profit whistleblower site for news leaks founded in 2018. Sometimes referred to as a successor to WikiLeaks, it is best known for its June 2020 publication of a large collection of internal police documents, known as BlueLeaks. The group has also published data on Russian oligarchs, fascist groups, shell companies, tax havens and banking in the Cayman Islands, as well as data scraped from Parler in January 2021 and from the February 2021 Gab leak. The group is also known for publishing emails from military officials, City Hall in Chicago and the Washington D.C. Metropolitan Police Department. As of April 2022, the site hosts dozens of terabytes of data from over 200 organizations.

Data breach incidences in India were the second highest globally in 2018, according to a report by digital security firm Gemalto. With over 690 million internet subscribers and growing, India has increasingly seen a rise in data breaches both in the private and public sector. This is a list of some of the biggest data breaches in the country.

ShinyHunters is a criminal black-hat hacker group that is believed to have formed in 2020 and is said to have been involved in numerous data breaches. The stolen information is often sold on the dark web.

The Epik data breach occurred in 2021 and targeted the American domain registrar and web hosting company Epik. The breach exposed a wide range of information including personal information of customers, domain history and purchase records, credit card information, internal company emails, and records from the company's WHOIS privacy service. More than 15 million unique email addresses were exposed, belonging to customers and to non-customers whose information had been scraped. The attackers responsible for the breach identified themselves as members of the hacktivist collective Anonymous. The attackers released an initial 180 gigabyte dataset on September 13, 2021, though the data appeared to have been exfiltrated in late February of the same year. A second release, this time containing bootable disk images, was made on September 29. A third release on October 4 reportedly contained more bootable disk images and documents belonging to the Texas Republican Party, a customer of Epik's.

<span class="mw-page-title-main">Morgan & Morgan</span> American law firm

Morgan & Morgan is an American law firm. Founded in 1988 by John Morgan, it is headquartered in Orlando, Florida. While Morgan & Morgan was historically considered a firm focused on personal injury, medical malpractice and class action lawsuits, it also expanded practices to other areas of legal services. The firm has offices in 49 U.S. states and Washington, D.C.

References

  1. 1 2 3 "Marketing Firm Leaked Database With 340 Million Records". WIRED. June 27, 2018.
  2. 1 2 "Exactis said to have exposed 340 million records in massive leak". 28 June 2018.
  3. 1 2 Paul, Kari (June 29, 2018). "What is Exactis—and how could it have leaked the data of nearly every American?". MarketWatch.
  4. "Marketing Firm Leaked Database With 340 Million Records". WIRED. Retrieved 2018-10-09.
  5. "A New Data Leak Reportedly Exposed 230 Million Americans' Personal Information".
  6. Al-Heeti, Abrar (June 28, 2018). "Exactis said to have exposed 340 million records in massive leak". CNET. Retrieved January 22, 2019.


This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.