More than 100 million Americans had their personal information leaked

MC2 Data and similar companies operate as comprehensive background check providers. They collect, process, and analyze large amounts of public data from a variety of sources to create detailed reports about an individual, including criminal records, employment history, family data, and contact information.

They use this information to create comprehensive profiles that employers, landlords, financial institutions and many others rely on to make decisions and manage risks, such as making informed decisions about whether to hire an employee, rent a home or extend credit to an individual.

Despite working with a large amount of sensitive personal data, the company made a serious security mistake. In a recent study, Cybernews discovered that the company had exposed a massive 2.2 Terabyte database without any password or authentication protection. This meant that anyone on the Internet could freely access this huge amount of data, putting millions of users at risk of personal information being leaked.

This major security incident resulted in the leak of a large amount of personal data of US citizens. It is estimated that up to 106,316,633 records containing private information were compromised, affecting at least 100 million individuals. The initial cause was determined to be human error, raising serious concerns about people's privacy and personal information security.

The leaked data includes names, email addresses, IP addresses, encrypted passwords, home addresses, dates of birth, phone numbers, property records, legal records, family data, employment history.

Businesses that provide background checks and public records services are required to navigate a complex web of regulations. They must comply not only with federal laws, but also with specific state and local requirements. This ensures that their operations remain compliant with the law and that individuals’ privacy is protected to the fullest extent possible.

The data breach uncovered by Cybernews has exposed serious flaws in the way companies like MC2 Data manage and protect personal information. Exposing large amounts of personally identifiable information (PII) not only seriously violates the privacy of millions of users, but also puts them at high risk of information misuse, identity theft, and becoming targets of cyberattacks. At the same time, the incident also has serious consequences for MC2 Data's reputation, which could lead to legal investigations and financial losses.

Aras Nazarovas, a security expert at Cybernews, has issued a dire warning about the dangers of background check services. "These services often become powerful tools for cybercriminals. By purchasing these services, criminals can easily collect a large amount of personal information about potential victims, from which they can plan and carry out fraud, blackmail or even more sophisticated cyberattacks," he said.

Despite the many security measures that background check companies have put in place, data breaches still occur, proving that current measures are not enough to completely prevent the exploitation of user data.

When personal information of millions of people is leaked, it becomes a gold mine for cybercriminals. With this huge amount of data, criminals can easily identify potential targets and carry out attacks more effectively, minimizing the risk of being detected.

Cybernews research has shown that people who have used background checks are often prime targets for cybercriminals. The personal information of these people, including employers, landlords, and law enforcement agencies, is highly valuable and often highly sensitive.