Written bySiddhant Pandey
In a shocking development, a major security breach has been reported which has leaked personal data of almost the entire population of Ecuador online.
All of the country's 16.6 million people, including 7 million minors and children, had their privacy invaded as their data was breached on an unsecured server run by an Ecuadorean marketing and analytics firm, Novaestrat.
Here are more details.
The breach was discovered by two security researchers working for vpnMentor, Noam Rotem and Ran Locar, two weeks ago, and first reported by cybersecurity website ZDNet on Monday.
Reportedly, the data that was breached included citizens' full names, dates of birth, places of birth, home addresses, marital status, cedulas (national identity card numbers), work/job information, phone numbers, and education levels.
The database was reportedly up-to-date and contained information as recent as 2019. According to ZDNet, the leak even contained data on the country's president, and Julian Assange, who was granted asylum in the Ecuadorean embassy in London from 2012 until his arrest in April.
Exposing the risks of the breach, ZDNet stated that they found 6.77 million entries for minors, 7 million financial records, and 2.5 million records containing car and car owner details.
This could make targeting children from rich families for kidnapping extremely easy.
Additionally, the leak exposes individuals and companies to dangers of identity theft, financial fraud, business espionage, and other security threats, vpnMentor reported.
Notably, Interior Minister Maria Paula Romo said this was a "very delicate issue" and "a major concern for the whole government and the state."
Romo also addressed the detention of Novaestrat's legal representative, William Roberto, saying "he will be transferred immediately" to enable Ecuador prosecutors to investigate the case.
Investigators had raided Roberto's Home on September 16, and seized computers, documents, and electronic devices.
According to Ecuador's telecommunications ministry, vpnMentor reported the breach to Ecuadorean officials on September 11.
Thereafter, the Ecuador CERT (Computer Emergency Response Team) secured the breach.
Even with the breach closed, vpnMentor warned, "Once data has been exposed to the world, it can't be undone. The database is now closed, but the information may already be in the hands of malicious parties."
Love World news?
Subscribe to stay updated.