LA Confidential: How Leaked Emergency Call Records Exposed LA County's Abuse & Crisis Victims

The UpGuard Cyber Risk Team can now disclose that sensitive data from the Los Angeles County 211 service, a nonprofit assistance organization described on their website as “the central source for providing information and referrals for all health and human services in LA County,” was publicly exposed online. The contents of the downloadable files include access credentials for those operating the 211 system, email addresses for contacts and registered resources of LA County 211, and most troubling, detailed call notes. These notes describe the reason for the calls, including personally identifying information for people reporting the problem, persons in need, and, where applicable, their reported abusers. Included in the more than 3 million rows of call logs are 200,000 rows of detailed notes, including graphic descriptions of elder abuse, child abuse, and suicidal distress, raising serious, large-scale privacy concerns. In many of these cases, full names, phone numbers, addresses, and even 33,000 instances of full Social Security numbers are revealed among the data. This information was stored in an Amazon AWS S3 bucket configured to be publicly and anonymously accessible. Though some of the files in the bucket were not publicly downloadable, those that were included Postgres database backups and CSV exports of that data, with hundreds of thousands of rows of sensitive personal information. Despite 211’s dedication to preserving the confidentiality of reports, a technical misconfiguration - in this case, an inadvertently public cloud storage instance - exposed not only email addresses and weakly hashed passwords for LA County 211 employees, but six years of highly sensitive call logs regarding some of the most vulnerable people in LA County.

Read More

Block Buster: How A Private Intelligence Platform Leaked 48 Million Personal Data Records

The UpGuard Cyber Risk Team can now confirm that a cloud storage repository containing information belonging to LocalBlox, a personal and business data search service, was left publicly accessible, exposing 48 million records of detailed personal information on tens of millions of individuals, gathered and scraped from multiple sources.

Read More

The AggregateIQ Files, Part Four: Northwest Passage

The UpGuard Cyber Risk Team’s discovery and analysis of an exposed data repository belonging to AggregateIQ (AIQ), a British Columbia-based data firm, has taken readers around the globe, implicating a number of high-profile political customers in a number of countries. Part One of “The AggregateIQ Files” offered an exclusive look at how exposed technical tools designed for the presidential campaign of Senator Ted Cruz (R-TX) shed light on AIQ’s relationship with Cambridge Analytica - an embattled analytics shop recently revealed to have misused data from 87 million Facebook user accounts. In Part Two, we examined how the repository’s contents revealed AIQ’s work on behalf of a variety of political pressure groups in the United Kingdom - most of them heavily involved in the successful 2016 effort to vote to leave the European Union. In Part Three, we took a closer look at the tools revealed to have been built and stored in the unsecured repository - technical mechanisms capable of highly sophisticated tracking and microtargeting of individuals across the internet. In this installment, Part Four of “The AggregateIQ Files,” we return to examine data revealed in the exposure showing AIQ’s involvement in political efforts closer to its home base of Victoria, British Columbia. While AggregateIQ’s work on behalf of a number of Canadian politicians is already known, this data provides clear insight into what specific assets were built and possessed by AIQ for their clients, along with previously unreported information - including about exposed credentials and passwords.

Read More

The AggregateIQ Files, Part Three: A Monarch, A Peasant, and a Saga

In Part One of this series, “The AggregateIQ Files,” we explained how the UpGuard Cyber Risk Team’s discovery of a publicly downloadable data repository operated by British Columbia-based data firm AggregateIQ (AIQ) exposed technical tools used for political operations around the world, including the presidential campaign of Senator Ted Cruz (R-TX). In Part Two, we explored how the exposed repository shed light on AIQ’s work in the United Kingdom involving a number of organizations, including a Northern Irish political party crucial to Prime Minister Theresa May’s government and the official campaign in favor of the UK’s exit from the European Union.

Read More

The AggregateIQ Files, Part Two: The Brexit Connection

Our recent discovery and analysis of publicly downloadable code repositories originating from data analytics firm AggregateIQ has answered a few questions, but raised many more. In Part One of “The AggregateIQ Files,” we explained how the data exposed from within this development repository appear to corroborate existing evidence and accusations that AggregateIQ and Cambridge Analytica, an embattled and highly controversial data firm, work closely together, on projects that appear customized for Cambridge Analytica clients like Texas Senator Ted Cruz.

Read More

The Aggregate IQ Files, Part One: How a Political Engineering Firm Exposed Their Code Base

The UpGuard Cyber Team’s latest discovery of a data leak, involving the exposed IT assets of a  data analytics firm based in British Columbia, Canada, presents significant questions for society about how technology can be used. In this first installment of a multipart series titled “The AIQ Files,” we begin to explain the importance of the data revealed from a publicly exposed AggregateIQ repository, and how it relates to recent US political history.

Read More

Cloud Leak: WSJ Parent Company Dow Jones Exposed Customer Data

The UpGuard Cyber Risk Team can now report that a cloud-based file repository owned by financial publishing firm Dow Jones & Company, that had been configured to allow semi-public access exposed the sensitive personal and financial details of millions of the company’s customers. While Dow Jones has confirmed that at least 2.2 million customers were affected, UpGuard calculations put the number closer to 4 million accounts.

Read More

What is Cyber Resilience?

Cyber resilience is a fundamental change in understanding and accepting the true relationship between technology and risk. IT risk (or cyber risk, if you prefer) is actually business risk, and always has been. And the cybersecurity industry, for what it's worth, has generally avoided this concept because it goes against the narrative that their respective offerings—whether it's a firewall, IDS, monitoring tool, or otherwise—would be the one-size-fits-all silver bullet that can keep businesses safe. But reality tells a different story.

Read More