Information security researchers have discovered an online database containing the personal information of 106,316,633 US citizens – almost a third of the country’s population. The database includes information from background check company MC2 Data, including people’s names, addresses, phone numbers, copies of various legal and employment documents, and much more.
Researchers believe that the MC2 Data database became publicly available as a result of human error, and not a targeted hacker attack. This is indirectly confirmed by the fact that the database contains information not only about those who were checked by company employees, but also about more than 2 million clients who subscribed to MC2 Data services.
The current incident marks the second major data breach from background check companies in recent months. In August, National Public Data confirmed a data breach, causing it to face several class action lawsuits from Americans whose data was exposed.
«Background check services have always been problematic because cybercriminals can pay for their services to collect data on potential victims. Such a leak is a goldmine for cybercriminals, as it opens up a number of opportunities and reduces the risk for them, allowing them to use this detailed data more effectively,” Aras Nazarovas, a researcher at Cybernews, commented on the issue.