Background Checks Service Provider Exposes 600,000+ Sensitive Records Online

In a data security incident, over 600,000 sensitive records were exposed online by SL Data Services, LLC, an information service provider operating under the brand Propertyrec.

The breach was discovered by cybersecurity researcher Jeremiah Fowler, who reported the issue to Website Planet.

The exposed database contained 644,869 PDF files, totaling 713.1 GB of data, and included court records, vehicle records, and property ownership reports.

Notably, approximately 95% of these documents were labeled as “background checks” and contained extensive personal information such as full names, addresses, phone numbers, email addresses, and criminal history.

Security Implications and Risks

According to the reports, the database was neither password-protected nor encrypted, making it publicly accessible to anyone with an internet connection.

This lack of basic security measures has heightened concerns about potential identity theft and social engineering attacks.

The detailed personal information exposed in the breach could be exploited by cybercriminals to create comprehensive profiles of individuals, which could then be used for targeted phishing attempts or other malicious activities

The breach underscores the critical need for companies handling sensitive data to implement robust security protocols, including encryption and access controls.

Response and Recommendations

After Fowler’s responsible disclosure notice, public access to the database was restricted over a week later.

However, during this period, the number of documents in the database increased significantly.

It remains unclear how long the database was exposed or if any unauthorized access occurred before it was secured

Regular audits and monitoring of access logs are also advised to detect any unusual activities promptly. 

This breach is reminiscent of previous incidents in the industry, such as the National Public Data breach earlier this year, which affected millions and highlighted systemic vulnerabilities in data protection practices.

Also Read:

Recent Articles

Related Stories

LEAVE A REPLY

Please enter your comment!
Please enter your name here