Security & Fraud

Millions Of Americans Could Have Data Leaked Via Exposed Database

Security experts have discovered an online, unprotected database that stores the personal data of 80 million American households. Not only does the data on the 24 GB database include people’s full names, street addresses, marital statuses, dates of birth, income brackets, home ownership statuses and more, but the researchers don’t know who the database belongs to, since it was hosted on a cloud server.

Ran Locar and Noam Rotem of vpnMentor discovered the database, adding that they believe it is the first time a breach of this size has included such detailed information.

“This open database is a gold mine for identity thieves and other attackers,” they said, according to Fortune.

While 80 million households are included in the database, the number could impact hundreds of millions of individuals. Everyone in the database is over the age of 40. In addition to identity theft, the data could be used to target older and more vulnerable people for phishing and scam attempts. Since real locations and income levels have been exposed, the information could also be used by real-world thieves.

In the meantime, vpnMentor is asking for help in identifying who might own the database so it can be notified about the issue.

This is just the latest instance of a data leak. Last month, close to 1 billion email accounts were leaked by a marketing company in what some researchers called the “biggest and most comprehensive email database” breach ever. The personal information from 982 million email accounts included names, gender, dates of birth, employers and even home addresses.

The online database was created by a company called, which reportedly had no security measures in place. The company offered an “enterprise email validation” service for marketing companies to check whether email addresses were valid or not.


Latest Insights: 

The Payments 2022 Study: Building A High-Performance Payments Team For Fraud Detection, a PYMNTS collaboration with Stripe, examines how digital platforms of all sectors and sizes plan to develop their anti-fraud teams as part of their their broader growth and development strategies. Drawing from an extensive survey from approximately 250 payments heads at digital platforms in the U.S. and abroad, our study analyzes how poor anti-fraud capabilities can harm platforms’ long-term growth strategies, and how they can build high-performing teams to tackle these challenges.


To Top