Another unsecured server has been found - but this time affecting most, if not all citizens of Ecuador. The database belonging to marketing company Novaestrat and located in Miami, Florida, included extremely sensitive personal data of over 20 million individuals. The scope of the leaked information is terrifying - apart from name, surname, email address, it contained also home addresses, phone numbers, information about marital status and closest family, national identification numbers, tax identification numbers, detailed financial information, detailed employment information (employer name, location, tax identification number, job title, salary), as well as complete automotive data (car’s license plate number, make, model, date of purchase, most recent date of registration, and other technical details). This staggering wealth of personal detail is likely to come from Ecuadorian government registries, the national bank and automotive association. Among affected is also WikiLeaks founder Julian Assange, who till April 2019 resided in the Ecuadorian embassy in London.
The breach was closed on September 11, 2019, however, the leaked data made most Ecuadorians vulnerable to scams and phishing attacks (with such detailed information it will be very easy to trick the recipients into opening malicious attachments or transferring money), as well as identity theft and financial frauds. Ecuadorian companies will also be at a high risk of espionage and fraud.
One question remains - why a marketing consultancy company had such a staggering amount of very personal data?