CyberNews researchers have discovered an insecure data bucket belonging to View Media and containing about 39 million files of American citizens. These files include, among other things, full names, home addresses, addresses e-mail, telephone numbers and postal codes.
What is View Media?
View Media is a company digital marketing specializing in email marketing, display advertising, design, hosting, instant messaging and more services digital marketing. The company offers targeted marketing services to US companies such as the Tribune Media and the Times Media Group.
In addition to the millions of US citizen files, the bucket also contains thousands of marketing newsletters, brochure designs and banner ads created by View Media for its customers.
The database left to a publicly accessible Amazon Web Services (AWS) server, thus allowing anyone to have access and download them data. This is the second time this summer that an insecure case has been identified, following the leak of 350 million emails leaked by CyberNews in August. Amazon data bucket containing such a large volume of user data. View Media's exposed bucket has been unavailable since Amazon closed it on July 29.
The publicly available Amazon S3 data bucket contains 5.302 files, including:
- 700 documents stored in PDF files
- 59 CSV and XLS files containing a total of 38.765.297 citizen files USA, of which the 23.511.441 files are unique.
The data bucket was hosted on an exposed Amazon AWS server, and it is not yet known if cybercriminals have access to the data stored on it. It is relatively easy to find unsafe Amazon buckets and gain unauthorized access to them.
What are the consequences of this data leak?
Although the files contained in the insecure Amazon S3 bucket do not contain very sensitive personal information, such as social security numbers or credit card numbers, cybercriminals can use the personal information contained in the database to commit various malicious activities. activities. They may also use the names, email addresses and phone numbers of affected people in their "businesses".
Contact information may be enough for spammers and phishers to launch targeted attacks against the millions of Americans exposed. In addition, cybercriminals can combine the data in this bucket with other data breaches to create profiles of potential targets for identity theft.
Therefore, as a US citizen, your data may be exposed to this leak. To see if you have been affected by this breach, we recommend that you do the following:
- Use it personal data leakage controller of CyberNews to see if your email address has been leaked.
- If your email is leaked, change the password you entered immediately.
- Look for possibilities Phishing emails and spam messages. Do not click on anything suspicious, whether it is an email - text message or a link that may be contained within it.