Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Thursday March 16 2017, @01:56AM   Printer-friendly
from the yet-another-data-breach dept.

Details of more than 33 million US employees - including military staff - have been released online, according to a security researcher.

The database is reported to contain information on 100,000 US Department of Defense employees, among others.

Troy Hunt, who published news of the leak, said the information had "enormous" potential for scammers.

Business services firm Dun & Bradstreet confirmed to tech news site ZDNet that it owns the data.

Information on government departments and private sector employees is commonly collated by business services that sell the data to other companies, such as marketing firms.

In this case, the records - including names, job titles and contact details - were originally compiled by NetProspex, which was acquired by Dun & Bradstreet in 2015.

Organisations with employees mentioned in the data include the US Postal Service, telecoms giant AT&T and the retailer Walmart.

If they've done nothing wrong, they have nothing to fear.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Thursday March 16 2017, @02:16AM (2 children)

    by Anonymous Coward on Thursday March 16 2017, @02:16AM (#479644)

    If this is a leak from Dun & Bradstreet that's kind of a big deal. They keep track of all kinds of corporate details and members can query D&B for credit ratings and such like on other companies. Typically part of vetting a new supplier or customer for business-2-business deals.

  • (Score: 1) by Ethanol-fueled on Thursday March 16 2017, @02:26AM (1 child)

    by Ethanol-fueled (2792) on Thursday March 16 2017, @02:26AM (#479646) Homepage

    Although I disagree with entities being allowed to collect so much data without permission, being American-centric, I doubt the hack's damage. American banking institutions are pretty good with recouping funds transferred as a result of ID theft. If you're a company with a shitty track-record the truth will come out anyway.

    But then again the article was scant on the details the company collects, and unfortunately here the data collectors can hide behind the "collected by a third-party excuse" and not have to reveal details without some significant effort.

    • (Score: 3, Interesting) by anubi on Thursday March 16 2017, @05:45AM

      by anubi (2828) on Thursday March 16 2017, @05:45AM (#479680) Journal

      I believe the story author nailed the real issue head-on...

      Troy Hunt, who published news of the leak, said the information had "enormous" potential for scammers.

      Money can be traced. Anytime it goes through banks, its traceable who paid it and who received it.

      However, you get the letter in the mail, or the email on your server. And it has all the right credentials.

      It may come from who someone thought was a trusted financial advisor or business partner. It may influence you to make a decision involving lots of money.

      Can you trust it?

      We all know that once something's out, interested parties *will* get a copy of it, and we will never even know who got it.

      And those other "interested parties" are often up to no-good. Even if they aren't direct benefactors of feeding someone misinformation, I am sure there is some convoluted chain where someone will make a buck over someone else's misinformed decision.

      Dun and Bradstreet works with rich people. Excellent prospects for a bountiful harvest if you can influence them into the decision you want them to make.

      --
      "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]