14:02 GMT +322 October 2019
Listen Live
    A hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017

    Photos: Personal Data of Assange, Ecuador’s Entire 16.6 Million Leaked Online

    © REUTERS / Kacper Pempel/Illustration
    Tech
    Get short URL
    2103
    Subscribe

    The personal information of almost every single person in Ecuador, as well as that of WikiLeaks founder Julian Assange, has been leaked through a major database breach, according to two security researchers who work for web privacy firm vpnMentor.

    The breach, which was uncovered by Noam Roten and Ran Locar, leaked around 20.8 million records in 18 gigabytes of data of Ecuadorians’ personal information. The breach occurred through an unsecured server located in Miami, Florida, according to a recent blog post by vpnMentor. The server appears to be owned by Ecuadorian consulting company Novaestrat.

    The entire population of Ecuador is about 16.6 million. Some of the data entries may thus be duplicates or “involve individuals who are already deceased,” according to the blog post.

    “The majority of the affected individuals seem to be located in Ecuador. Although the exact details remain unclear, the leaked database appears to contain information obtained from outside sources. These sources may include Ecuadorian government registries, an automotive association called Aeade, and Biess, an Ecuadorian national bank,” the vpnMentor blog post reads. 

    Example of typical entry
    Example of typical entry

    Individuals in the database were identified by their “cedula,” which refers to an Ecuadorian’s 10-digit national identification number. Other examples of leaked personal information included the “RUC,” which is a person’s taxpayer identification number, according to the report, as well as full name, gender, date of birth, place of birth, home address, email address, home, work and cell phone numbers, marital status, date of marriage, date of death and level of education. 

    Example of financial information leaked
    Example of financial information leaked

    The entries also included information about people’s family members, such as the full names of a person’s mother, father and spouse, as well as each one of their “cedulas.” 

    Example of leaked information regarding family members
    Example of leaked information regarding family members

    Some of the entries even included financial information related to bank accounts with Biess, the Ecuadorian national bank. Examples of such entries included account status, current account balance, amount financed and credit type, as well as “location and contact information for the person’s local Biess branch,” according to the blog post. Other parts of the database disclosed detailed employment information such as an employer’s name, employer location, employer tax identification number, job title, salary details and even job start and end dates. 

    Leaked information on WikiLeaks founder Julian Assange
    Leaked information on WikiLeaks founder Julian Assange

    The leaked records also included an entry for Assange, which contained a “cedula” value associated with him. Assange was granted political asylum by Ecuador in 2012. He stayed in the country’s embassy in London until April 2019, when Ecuador ended his asylum, claiming he violated its terms.

    VpnMentor closed the breach on September 11. However, the firm warned that once data is “exposed,” it “can’t be undone.”

    “The database is now closed, but the information may already be in the hands of malicious parties. This kind of data breach could have been prevented with some basic security measures. No matter what the size of your company is, you should always use the following security practices: Secure your servers, implement appropriate access rules, require authentication to access all systems,” vpnMentor counseled.

    Related:

    Julian Assange, US Elections and "Ethical Hacking"
    Chloe Moretz’s Twitter Account Gets Hacked Just Five Days after Jack Dorsey’s
    ‘Jack Was Compromised’: Twitter CEO Has Account Hacked, Filled With Hateful Tweets
    Huawei Accuses US of Hacking Company's Networks, Intimidating Employees
    US Targets Three Hacking Groups for North Korean 'Malicious Cyber Activity'
    Tags:
    leaked files, Ecuador, Julian Assange, hacking
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik