Data Firm Left Records on 48 Million Individuals Online
LocalBlox, a data firm that bills itself as "a powerful, scalable and distributed data acquisition platform" is the latest company to mistakenly leave data out in the open on a publicly accessible Amazon Web Services (AWS) S3 bucket.
The company, based in Bellevue, Wash. left a slew of data online; 48 million records containing information on tens of millions of individuals including names, addresses, and dates of birth. The dataset also included data apparently scraped from Twitter handles, along with LinkedIn and Facebook profiles. Data from Zillow, a popular real estate site, has also been scraped and composited into the dataset.
The company was notified of the unsecured bucket by researchers with UpGuard, a Mountain View firm that's had a knack for uncovering data sets like this as of late. The firm notified LocalBlox on February 28 and the bucket was secured later that day, UpGuard said Wednesday.
The bucket contained a single 151.3 GB compressed file that decompressed to a 1.2 terabyte Newline Delimited JSON file. According to researchers, who combed through the dataset when they first came across it in a subdomain, “lbdumps,” on February 8, each record is in JSON format.
