Security

Why is a 22GB database containing 56 million US folks' personal details sitting on the open internet using a Chinese IP address? Seriously, why?

If CheckPeople could take a look at this, that would be great


Exclusive A database containing the personal details of 56.25m US residents – from names and home addresses to phone numbers and ages – has been found on the public internet, served from a computer with a Chinese IP address, bizarrely enough.

The information silo appears to have been obtained somehow from Florida-based CheckPeople.com, which is a typical people-finder website: for a fee, you can enter someone's name, and it will look up their current and past addresses, phone numbers, email addresses, names of relatives, and even criminal records in some cases, all presumably gathered from public records.

However, all of this information is not only sitting in one place for spammers, miscreants, and other netizens to download in bulk, it's being served from an IP address associated with Alibaba's web hosting wing in Hangzhou, east China, for reasons unknown. It is a perfect illustration that not only is this sort of personal information in circulation, it's also in the hands of foreign adversaries.

A white-hat hacker operating under the handle Lynx discovered the trove online, and tipped off The Register. He told us he found the 22GB database exposed on the internet, including metadata that links the collection to CheckPeople.com. We have withheld further details for privacy protection reasons.

The repository's contents are likely scraped from public records, though together provide rather detailed profiles on tens of millions of folks in America. Basically, CheckPeople.com has done the hard work of aggregating public personal records, and this exposed NoSQL database makes that info even easier to crawl and process.

"In and of itself, the data is harmless, it's public data, but bundled like this I think it could actually be worth a lot to some people," Lynx told El Reg this week. "That's what scares me, when people start combining these with other datasets."

While CheckPeople.com also offers criminal record searches, Lynx did not find that information among the cache.

AWS has new tool for those leaky S3 buckets so, yeah, you might need to reconfigure a few things

READ MORE

The Register has repeatedly attempted to reach a human at CheckPeople to alert it to the leak, and the site's administrators have yet to respond. Its customer-support call center directed us to email the company, although our messages were subsequently ignored, it appears. Similarly, Lynx told us he has been unable to get hold of anyone beyond a third-party call center worker.

You would think a company trafficking in personal records would care a bit more about being able to be reached.

Whether this is data somehow siphoned from CheckPeople by a Chinese outfit and dumped lazily online, or a CheckPeople server hosted in China, is unclear.

However, under the laws of the People's Republic, government agencies can more or less search any machine at any time in the Middle Kingdom, meaning profiles on 56.5 million American residents appear to be at the fingertips of China, thanks to CheckPeople – we assume Beijing has files on all of us, though, to be fair.

Again, repeated attempts to contact CheckPeople for its side of the story were unsuccessful. Should the company decide to get in touch, we will update this story as needed. We have also pinged Alibaba to alert it to the exposed database, should it care about Americans' privacy. ®

Updated to add

An attorney for CheckPeople.com told us on Friday that the business is probing the matter:

CheckPeople is unaware of any database of information hosted in China or through Alibaba. CheckPeople’s records are stored in the United States on secure servers. However, CheckPeople takes security issues very seriously and is investigating this matter.

We understand the database has been removed from the Chinese server. Redacted screenshots of the records can be seen here.

Send us news
169 Comments

Preliminary report on Texas Tesla crash finds Autosteer was 'not available' along road where both passengers died

Probable cause of accident and fire still under investigation

The US National Transportation Safety Board (NTSB) has published a preliminary report into last month's fatal crash involving a 2019 Tesla Model S in Texas.

The crash happened at approximately 21:07 local time on 17 April this year. Two men entered the car, one in the driver's seat and the other in the front passenger seat (according to home security camera footage).

The Tesla then drove off, travelled about 167 metres before leaving the road on a curve, driving over a curb, hitting a drainage culvert, a raised manhole and a tree, the report found.

Continue reading

Intel throws sand in the face of 'musclebooks' with 10nm Tiger Lake tech

11th-gen Core H has nice new touches, but pitch is usual 'a new PC will be faster and smaller and lighter than an old PC' promise

Intel is talking up a new generation of laptop and mobile workstation CPUs that it says will deliver modest performance gains and lighten laptops for power users.

The new "Tiger Lake" range – officially the 11th-generation Core H – is built on a 10nm process and employs Willow Cove [cores] and SuperFin 10nm transistors. PCIe4 and Wi-Fi 6 are omnipresent. Some models offer per-core voltage control and the kind of overclocking opportunities previously found only on CPUs destined for desktops.

Chipzilla pitched most of the new models at "enthusiasts" – a word describing folks who like gaming on their portable PCs, feel confident enough to twiddle a few nerd knobs, but aren't going to get into water cooling any time soon.

Continue reading

Another platform on which Java will not run – platform 1 of Newcastle's Central Station

What is Geordie for bork?

Bork!Bork!Bork! It's a blessed respite for Microsoft's wares today as it appears that it is Java's turn to disgrace itself on platform 1 of Newcastle upon Tyne's Central Station.

In this case it is the Java Platform SE binary that has fallen over. The version of Windows on which it is running looks decidedly old hat to us, and eagle-eyed Reg reader Dan who sent us the snaps said fans of obsolescence will be delighted to learn that Windows XP splash screen can also occasionally be seen on the screens of some ticket gates.

Be that as it may, the Windows shell on display looks decidedly out of date. We can only hope that the same does not apply to the Java licence, otherwise the next train might be stuffed full of lawyers of the big and red variety.

Continue reading

43 years and 14 billion miles later, Voyager 1 still crunching data to reveal secrets of the interstellar medium

Gazing into the void for at least a few more years yet

Nearly nine years after leaving the solar system, and decades beyond its original mission, Voyager 1 is still gathering valuable data, providing plasma readings to continuously sample the density of the interstellar medium.

Scientists at Cornell University have used data from the spacecraft, first launched in 1977, to uncover a weak signal that details interstellar plasma density over about 10 au (astronomical unit, roughly the distance from Earth to the Sun) with an average sampling distance of 0.03 au, according to a paper in Nature Astronomy.

Voyager 1, whose original mission was supposed to finish in 1980, crossed the heliopause in 2012, making it the first human-made object to do so. This gave researchers an opportunity to directly measure activity outside the solar system, or at least as much as the spacecraft's ageing arsenal of instruments would allow.

Continue reading

Compsci boffin publishes proof-of-concept code for 54-year-old zero-day in Universal Turing Machine

Patch your devi... oh, hang on a sec

A computer science professor from Sweden has discovered an arbitrary code execution vuln in the Universal Turing Machine, one of the earliest computer designs in history – though he admits it has "no real-world implications".

In a paper published on academic repository ArXiv, Pontus Johnson, a professor at the KTH Royal Institute of Technology in Stockholm, Sweden, cheerfully explained that his findings wouldn't be exploitable in a real-world scenario because it pertained specifically to the 1967 implementation [PDF] of the simulated Universal Turing Machine (UTM) designed by the late Marvin Minsky, who co-founded the academic discipline of artificial intelligence.

Yet what the amusing little caper really brings to the world is a philosophical point: if one of the simplest concepts of a computer is vulnerable to user meddling, where in the design process should we start trying to implement security features?

Continue reading

Overdue: After a 2-year £12m delay, Northern Ireland Libraries looks to close chapter on Fujitsu saga

Launches open tender for new £60m deal

Northern Ireland Libraries is launching a formal procurement of a £60m IT contract to replace incumbent supplier Fujitsu following a two-year delay costing taxpayers some £12m.

According to a tender notice, the public-sector organisation responsible for libraries in the UK territory wants to "secure a strategic partner who will deliver modern and innovative IT services."

"Initially the requirement is to manage the legacy services for a period of time whilst planning and implementing new systems and services," the notice said. "It is envisaged this will entail a combined transition and transformation phase and it is essential that continuity of day to day library services is maintained throughout."

Continue reading

Train operator phlunks phishing test by teasing employees with non-existent COVID bonus

Someone at West Midlands Trains approved nasty cybersecurity drill

UK rail operator West Midlands Trains sent an email to 2,500 employees to thank them for hard work during COVID and promised a one-time bonus as a reward, but that lovely news turned out to be phishing training. Needless to say, it did not go over well.

The deliberately inauthentic email first thanked staff for their hard work, then added: "We realise that a huge strain was placed upon a large number of our workforce as a result of COVID-19 ... and we would like to offer you a one-off payment to say thank you for all of your hard work over the past 12 months or so."

Readers were told to click on a link to register for their bonus, but those who followed instructions were sent news of their infosec failings and offered handy tips for the future like "be vigilant with all links and attachments" and "never click on a link that looks suspicious."

Continue reading

Microsoft embraces Linux kernel's eBPF super-tool, extends it for Windows

This early-stage project is not a fork, Redmond insists

Microsoft on Monday launched an open source project to make a Linux kernel tool known as eBPF, short for Extended Berkeley Packet Filter, work on Windows.

Inspired by network packet filtering and capture software dubbed Berkeley Packet Filter, eBPF is a register-based virtual machine designed to run custom 64-bit RISC-like architecture via just-in-time compilation inside the Linux kernel. As such, eBPF programs are particularly well-situated for debugging and system analysis, such as tracing file system and registry calls.

eBPF's relationship with the Linux kernel has been likened to JavaScript's relationship with web pages – it allows Linux kernel behavior to be modified by loading an eBPF program that's executed, and without changing actual kernel source code or loading a kernel module.

Continue reading

Samsung reveals DDR5 memory module that’s ready for Compute Express Link

Suggests terabyte-packing servers that move data at astounding speed aren’t far off

Samsung has shown off a picture of what it says is the first DDR5 DRAM-based memory module that can talk the language of Compute Express Link (CXL).

As we noted when CXL 2.0 debuted in late 2020, the tech is all about moving data more quickly between processors and devices such as GPUs, SmartNICs and pools of memory.

By building memory that’s CXL-ready, Samsung reckons it's brought us all a step closer to servers with wider memory channels, and therefore the ability to handle perhaps a terabyte of memory and move data into and out of it at speed. That all adds up to servers that are better-equipped to handle memory-loving applications like – you guessed it – artificial intelligence.

Continue reading

China’s digital currency adds support for AliPay – the Alibaba payment app with over 700 million users

And just like that, the Digital Yuan has its route into the mainstream

Alibaba’s controversial financial services arm, the Ant Group, has been welcomed into trials of China’s digital currency.

China’s state-controlled media on Monday reported that the Alipay app has added a feature allowing transactions in the Digital Yuan. Alipay has over 700 million monthly active users in China alone.

State-backed journal China Securities Journal reports that functionality to link to a bank is currently limited, and that no merchants are listed. Nor has the feature been made available to all users. But the Journal reports that real-time, anonymous, transactions are possible.

Continue reading

Vietnam’s biggest industrial conglomerate quits smartphones and TV biz, bets on electric cars

No breakthroughs left to make in electronics, says CEO as company eyes off IPO-by-SPAC

Vietnam's largest industry conglomerate, Vingroup, has announced it will no longer develop televisions and smartphones under its VinSmart brand and instead redirect resources toward its electric vehicle unit, VinFast.

“This is a strategic step to bring VinFast towards its goal of becoming one of the smartest and most convenient electric car manufacturers in the world,” said Vingroup in a canned statement.

The Vietnamese conglomerate said it won't trash its electronics division, will honor warranties, support products and keep its VinSmart factories operational until existing consumer electronics product life cycles end. At that point, they will outsource some of the factory to partners and shift other facilities to new products.

Continue reading