Why is a 22GB database containing 56 million US folks' personal details sitting on the open internet using a Chinese IP address? Seriously, why?

If CheckPeople could take a look at this, that would be great


Exclusive A database containing the personal details of 56.25m US residents – from names and home addresses to phone numbers and ages – has been found on the public internet, served from a computer with a Chinese IP address, bizarrely enough.

The information silo appears to have been obtained somehow from Florida-based CheckPeople.com, which is a typical people-finder website: for a fee, you can enter someone's name, and it will look up their current and past addresses, phone numbers, email addresses, names of relatives, and even criminal records in some cases, all presumably gathered from public records.

However, all of this information is not only sitting in one place for spammers, miscreants, and other netizens to download in bulk, it's being served from an IP address associated with Alibaba's web hosting wing in Hangzhou, east China, for reasons unknown. It is a perfect illustration that not only is this sort of personal information in circulation, it's also in the hands of foreign adversaries.

A white-hat hacker operating under the handle Lynx discovered the trove online, and tipped off The Register. He told us he found the 22GB database exposed on the internet, including metadata that links the collection to CheckPeople.com. We have withheld further details for privacy protection reasons.

The repository's contents are likely scraped from public records, though together they provide rather detailed profiles on tens of millions of folks in America. Basically, CheckPeople.com has done the hard work of aggregating public personal records, and this exposed NoSQL database makes that info even easier to crawl and process.

"In and of itself, the data is harmless, it's public data, but bundled like this I think it could actually be worth a lot to some people," Lynx told El Reg this week. "That's what scares me, when people start combining these with other datasets."

While CheckPeople.com also offers criminal record searches, Lynx did not find that information among the cache.

The Register has repeatedly attempted to reach a human at CheckPeople to alert it to the leak, and the site's administrators have yet to respond. Its customer-support call center directed us to email the company, although our messages were subsequently ignored, it appears. Similarly, Lynx told us he has been unable to get hold of anyone beyond a third-party call center worker.

You would think a company trafficking in personal records would care a bit more about being able to be reached.

Whether this is data somehow siphoned from CheckPeople by a Chinese outfit and dumped lazily online, or a CheckPeople server hosted in China, is unclear.

However, under the laws of the People's Republic, government agencies can more or less search any machine at any time in the Middle Kingdom, meaning profiles on 56.5 million American residents appear to be at the fingertips of China, thanks to CheckPeople – we assume Beijing has files on all of us, though, to be fair.

Again, repeated attempts to contact CheckPeople for its side of the story were unsuccessful. Should the company decide to get in touch, we will update this story as needed. We have also pinged Alibaba to alert it to the exposed database, should it care about Americans' privacy. ®

Updated to add

An attorney for CheckPeople.com told us on Friday that the business is probing the matter:

CheckPeople is unaware of any database of information hosted in China or through Alibaba. CheckPeople’s records are stored in the United States on secure servers. However, CheckPeople takes security issues very seriously and is investigating this matter.

We understand the database has been removed from the Chinese server. Redacted screenshots of the records can be seen here.
