🚨 1 billion personal records just exposed — and no hackers were involved.
Cybernews discovered an unprotected, password-free database belonging to IDMerit, a digital identity verification provider. One terabyte of structured PII from 26 countries — full names, addresses, dates of birth, national IDs, phone numbers, email addresses, and telco metadata — sitting wide open.
The U.S. took the hardest hit at 204M records. Canada: 12M. The data was clean and structured, meaning anyone who found it could query and extract it immediately.
This wasn’t a breach. No one broke in. A company just… left the door open.
The risks: targeted phishing, SIM swaps, account takeovers, identity theft, and credit fraud — all fueled by pre-validated identity data.
What you should do now: → Watch for suspicious calls, texts, and emails — targeted social engineering is the likely follow-on → Consider freezing your credit → Sign up for identity theft monitoring → Keep your antivirus up to date — phishing emails with malicious attachments are coming
The company secured the database after being notified. But the window was open. That’s what matters.
#CyberSecurity #DataPrivacy #InfoSec #DataLeak #IdentityTheft
