Club Benefits
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Daily (Mon-Sun)
Tom's Guide Daily
Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.
Weekly on Thursday
Tom's AI Guide
Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!
Weekly on Friday
Tom's iGuide
Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.
Weekly on Monday
Tom's Streaming Guide
Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
Into the Exposed Database Hall of Shame comes a new entry: an unprotected cloud repository listing the names, dates of birth and street addresses of the adults in 80 million U.S. households, as found by two Israeli researchers.
That's approximately two-thirds of the households in the U.S., according to CNET, which spoke with the researchers. An identity thief who got hold of the data would have a field day, as full names, current addresses and exact dates of birth are 3/4 of the identity-theft quadrifecta --
match a Social Security number with any of those entries, and you're done.
The good news is that the researchers aren't revealing the database's online location. The bad news is that they don't know to whom it belongs, and can't tell its owner to fix it until they figure that out.
MORE: Best Identity Protection Services
As detailed in the VPN Mentor blog, researchers Noam Rotem and Ran Locar found the 24GB database hosted on a Microsoft cloud service (presumably Azure, but we don't know for sure) earlier this month. The database seems to have been up since February.
The VPN Mentor blog post, penned by a pseudonymous "Guy Fawkes," doesn't specify exactly how the database was left unprotected. Sadly, it's pretty common for companies to throw sensitive information up on an Amazon Web Services or Microsoft Azure cloud server without securing it properly.
The data also includes marital status, gender, income, homeowner status (i.e., whether the home is owned or rented) and type of home (apartment, house, etc.).
"This made us suspect that the database is owned by an insurance, healthcare or mortgage company," the blog post said. "However, information one may expect to find in a database owned by brokers or banks is missing. For example, there are no policy or account numbers, Social Security numbers or payment types."
Another tantalizing tidbit -- "despite searching thousands of entries, we could not find anyone listed under the age of 40."
VPN Mentor assumes that this database belongs to an online service that collected this information from people who signed up for it voluntarily, but there don't appear to be email addresses or telephone numbers in the database -- street mailing address appear to be the only contact information.
The demographic information listed here is pretty easy to obtain from commercial data brokerages if you're willing to pay well. We suspect this database may be related to a marketing company that sells condos in Florida, or maybe even the AARP, which somehow knows exactly when your 50th birthday is coming up so that it can start sending you junk mail.
If you have a good idea of whose database it might be, drop VPN Mentor a line at info@vpnmentor.com.
