close
Jump to content

Exactis

From Wikipedia, the free encyclopedia

The Exactis data breach was a data breach of United States citizens' data exposed on a publicly accessible server.

Exactis LLC was a data broker established in 2015 and based in Palm Coast, Florida.[1] The firm collected business and consumer data in an effort to refine targeted advertising.[2] In June 2018, cybersecurity researcher Vinny Troia[3] discovered that the organization made nearly 340 million records available on a publicly accessible server.[4][5][2] Troia reported the public server to Exactis, which made the server private.[3] The leak is notable due to the scale of data that was exposed, surpassing the Equifax breach which had exposed 145 million customers' personal data the year prior.[6]

Exactis' breached data included 230 million records about people and 110 million about businesses.[7] Exactis acquired the data through a combination of public data scraping and purchasing data from other brokers.[3][7] The breached data included home addresses, email addresses, phone numbers, and other personal information, but did not include password or credit card data.[7] The Exactis data breach was part of a trend of data breaches caused by small firms with unsecured data, such as Verifications.io.[7]

Exactis LLC functionally closed following the disclosure of the data breach.[1][7] A class-action lawsuit that was filed following the disclosure has been stalled, both because the company has little money and because it's unclear if the data was ever accessed by anyone other than Troia.[1][7]

See also

[edit]

References

[edit]
  1. 1 2 3 "Inside one company's damaging data-security lawsuit". Florida Trend. Retrieved 2026-07-13.
  2. 1 2 Paul, Kari (June 29, 2018). "What is Exactis—and how could it have leaked the data of nearly every American?". MarketWatch.
  3. 1 2 3 Greenberg, Andy (June 27, 2018). "Marketing Firm Leaked Database With 340 Million Records". WIRED.
  4. "Exactis said to have exposed 340 million records in massive leak". 28 June 2018.
  5. "A New Data Leak Reportedly Exposed 230 Million Americans' Personal Information".
  6. Al-Heeti, Abrar (June 28, 2018). "Exactis said to have exposed 340 million records in massive leak". CNET. Retrieved January 22, 2019.
  7. 1 2 3 4 5 6 Greenberg, Andy (2019-03-18). "Here's What It's Like to Accidentally Expose the Data of 230M People". Wired. ISSN 1059-1028. Retrieved 2026-07-13.