The corporate database of a business services giant has been breached, resulting in the leak of more than 33 million personal records.
Dun & Bradstreet’s 52GB database contains an estimated 33.6 million files that include personal information such as names, job titles and functions, phone numbers, and work email addresses, according to a ZDNet report. The company acquired the database as part of a 2015 deal to buy NetProspex, a B2B data management firm, for $125 million.
After receiving the database, security researcher Troy Hunt discovered that the information was very organized, indicating the data was not pulled via a careless hack.
“Based on our analysis, it is our determination that there has been no exposure of sensitive personal information from, and no infiltration of our system. The information in question is data typically found on a business card. As general practice, Dun & Bradstreet uses an agile security process and evaluates and evolves security controls to protect the integrity of our data.”
The incident is currently being investigated, but how the data became exposed is unknown.