Another background check company suffered a data breach; this time, more than 600,000 people were affected. It's a minor breach compared with the 2.9 billion people hit by the National Public Data hack, but it's still scary.
The company in question, SL Data Services, was discovered online. It was publicly exposed and not password-protected or encrypted.
Cybersecurity researcher Jeremiah Fowler discovered the breach (or lack of protection on the files). The breach contained vehicle records, court records, property ownership reports, full names, addresses, email addresses, employment details, social media accounts, phone numbers, and criminal records.
Everything was contained in PDF files, most of which were labeled "background check." There was a total of 713.1GB of files in the database.
Thankfully, the information isn't publicly available anymore, but it took a while before it was properly locked down. After the responsible disclosure notice was sent, it took a week before SL Data Services made it unavailable. A whole week is a long time to have 600,000 people have their information sitting in publicly accessible files.
Unfortunately, those with data in the breach might not even know their information was included. Since background checks are usually performed by someone else and the person being checked rarely knows which background check company was used, this could be even messier.
While social security numbers and payment information aren't included in the breach, with so much data being publicly available about the people affected, scammers can use that information to trick unsuspecting victims with social engineering attacks.
Thankfully, there's no indication that malicious actors accessed the open database or collected sensitive information, but there's no proof that they didn't. Only time will tell — if we start seeing a rise in sudden social engineering attacks, we know something happened.
More from Tom's Guide
- Scammers prey on Black Friday buyers – don't fall for fake online shops
- These are the best antivirus software solutions to keep you safe from malware
- This nasty Android trojan is hijacking calls to your bank and sending them to hackers
