Yet Another Unprotected Server Found Leaking Sensitive Data of 20 Million Ecuadorian Citizens

• The newly discovered leaky server was used by an Ecuadorian company named Databook.
• The server was located in Germany.

A new instance of unprotected server leaking a vast set of sensitive data belonging to 20 million Ecuadorian citizens, has come to notice. This is the second data leak in less than a month after the discovery of the first unguarded server that exposed data of over 20 million Ecudarions.

Who is responsible for the new leak?

The new data leak was uncovered by two Israeli computer programmers and researchers, Ran Locar and Noam Rotem. They found that the newly discovered leaky server in question was used by an Ecuadorian company Databook.

What data was involved?

The data exposed due to Databook’s unprotected server included personal details of citizens such as names, workplace, family member details, phone numbers, vehicle information, and emails.

The server was located in Germany. Upon discovery, the researchers contacted Ecuador’s CERT following which the server was taken offline. By September 25, 2019, the website hosting this personal data was down.

Recap of the previous data breach

• Earlier, this month, the two researchers had found a similar cache of unsecured data of Ecuadorian on a server in Miami.
• The leaky server belonged to a consulting firm named Novaestrat and had exposed around 18GB of data, impacting over 20 million individuals.
• The leaked records also included an entry for WikiLeaks founder Julian Assange.
• The breach was closed on September 11, 2019.

How is the Ecuador government responding?

The Ecuadorian government’s fast-response IT team has informed law enforcement agencies about the breach. According to Bloomberg, the IT team has also asked the agencies to “investigate other companies that presumably are illegally using personal data.”