In Ecuador, privacy has died in a database that is freely available online and contains the data of almost the entire population of the country. Fortuna wants the discovery to have been made by the researchers Noam Rotem and Ran Locar of the vpnMentor whose subsequent behavior was in the name of full collaboration to try to avoid damage resulting from the incident.
The filtered data encompasses all types of sensitive information that goes from simple names and surnames, to genealogical tree information, civil registry, bank, work data and even people’s vehicle records.
More than 20 million records including those of Julian Assange and the same Ecuadorian president
The unsecured server where the database was located was located in Miami, Florida and is supposedly owned by the Ecuadorian company Novaestrat, a consulting company that offers data analysis, marketing and software development services.
The sources from which the leaked data come from include the records of the Government of Ecuador, which contain full names, dates and places of birth, addresses, marital status, ID cards, detailed work information, telephone numbers and degrees of instruction of the citizen.
There are also data from the Bank of the Ecuadorian Institute of Social Security with financial information of some citizens, and data from the Association of Automotive Companies of Ecuador with vehicle ownership records, including models and license plates.
Although Ecuador’s population is just over 16 million, these 20 million records suggest duplicates, and deceased people. The data reaches 18 GB of current information as recent as the same 2019.
The researchers managed to find data from the same president of Ecuador, and Julian Assange, who until recently had political asylum in that country and for which he had been assigned a card.
The gap was reported to the CERT of Ecuador that served as an intermediary to solve the problem, the database was finally secured on September 11, but that does not mean that it is a serious problem that may have created privacy problems for Millions of people in the long term.
All leaked information could be accessed for an indeterminate period by third parties and could be used or used in all types of scams, phishing attacks, identity theft, financial fraud, extortion or even worse things due to the high sensitivity of all information.