1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Corporate database containing 33 million employee records leaked online

By Shawn Knight ยท 4 replies
Mar 16, 2017
Post New Reply
  1. A corporate database originating from business services firm Dun & Bradstreet has leaked online, compromising the contact details of more than 33 million people on the payroll at some of the country’s largest businesses and government organizations including AT&T, Walmart, Wells Fargo, the United States Postal Service and even the Department of Defense.

    Security researcher Troy Hunt from Have I Been Pwned? worked with Zack Whittaker of ZDNet to get to the bottom of the matter. In analyzing a 52.2GB CSV file containing JSON data, Hunt found a total of 33,698,126 records containing detailed contact information including first and last names, job titles, e-mail addresses, phone numbers, employers, job functions and more.

    The data, described as “very corporate” and “perfect” by Hunt, is limited to those working in the US. The top 10 entities on the list according to Hunt are as follows:

    • DOD Cce : 101,013
    • United States Postal Service : 88,153
    • AT&T Inc. : 67382
    • Wal-Mart Stores, Inc. : 55,421
    • CVS Health Corporation : 40,739
    • The Ohio State University : 38,705
    • Citigroup Inc. : 35,292
    • Wells Fargo Bank, National Association : 34,928
    • Kaiser Foundation Hospitals : 34,805
    • International Business Machines Corporation : 33,412

    Hunt and Whittaker were able to confirm that the data is indeed from Dun & Bradstreet and that it is database information that they sell to clients (for marketing purposes). That said, Dun & Bradstreet said they don’t believe the data came directly from one of their systems. With thousands of customers purchasing from the data set, it could be next to impossible to learn who ultimately leaked it – intentionally or not.

    Permalink to story.

  2. JudasSheep

    JudasSheep TS Booster Posts: 96   +76

    Why are companies not fined for data breeches? Pretty sure a ton of us have our personal info out there and the companies who are responsible for it getting there continue with business as usual. FFS Yahoo had 2 major breeches, SOE had 2 major breeches, OPM had the biggest breech ever and possibly the most damaging to individuals and the government. Not like OPM can be fined as they are a government entity, but FFS at least fire those in charge and get someone who gives a rats behind about security and clean it up.
    Eventually all of our data will be out there. The only ones safe will be those who do not go online at all, that is if they have never been to a doctor, have school records, don't use banks, etc. Hold them accountable and sue the hell out of them until they wake up!
    Reehahs and Jeff Schmidt like this.
  3. Jeff Schmidt

    Jeff Schmidt TS Addict Posts: 100   +86

    Because most of our elected officials are either: corrupt, incompetent , way out of touch, or don't care because they are too busy focusing on all of the affair's they are having. Or all of the above.

    And look at the companies that get fined for tracking us. It's such a slap on the wrist for them that they will continue to do it because its so cheap to get the data.

    But most people are so dumb about there information they put most of it online on facebook for anyone to see.
    stewi0001 and Reehahs like this.
  4. Uncle Al

    Uncle Al TS Evangelist Posts: 5,151   +3,575

    Wow .... thanks for that clarification .... and here I just thought they were lazy and stupid ..... hmmmmmm
  5. jobeard

    jobeard TS Ambassador Posts: 12,753   +1,490

    They are :sigh:

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...