Source: Sophos Naked Security
The headlines scream of how the Republicans’ data analytic contractor, Deep Root Analytics, had stored 25 terabytes (TB) of data stored in the cloud, of which 1.1TB were available for harvesting by anyone who found the links.
The exposed data put the personal identifying information (and more) of approximately 200m registered voters in the United States at risk. Kudos to security researcher Chris Vickery, who discovered the misconfigured data store of Deep Root on 12 June.
According to Gizmodo, the window of exposure for the Deep Root data was from June 2 through June 14. Deep Root’s CEO Alex Lundry said:
We take full responsibility for this situation … since this event has come to our attention, we have updated the access settings and put protocols in place to prevent further access.
Many important themes percolated to the top because of this incident.
The first is the confirmation that the age of big data is upon us. These companies (of which Deep Root is but one) are collecting information on each one of us from a disparate array of sources, collating the information and then regurgitating the information in a manner most useful for their client. Marketeers everywhere no doubt let out a “holy moly” and the wheels were turning on what they could do with this level of granularity about their customer/clients.
Read more here.