The Voice • January 2018


In October 2017, UpGuard cybersecurity researcher Chris Vickery discovered a massive, unsecured file that exposed highly personal information of millions of consumers. The data file was found within an Amazon Web Services storage “bucket”, granting anyone with easily attainable credentials access to the data. Once Vickery had discovered the file in question he informed Alteryx, the company who maintained ownership of the file.

Although the data did not include the first and last names of any one individual, there were 248 other data types that indicated explicit details such as addresses, ethnicity, interests, income and even mortgage type. Alteryx commented to Forbes magazine that “the information in the file does not pose a risk of identity theft to any consumers.” [1]

Alteryx, a marketing analytics company, is a business partner of Experian. Experian being a consumer credit reporting company that directly competes with Equifax – another leading credit reporting company responsible for a separate data breach that affected 143 million U.S. consumers.

Joseph Lorenzo Hall, Chief Technologist at the Center for Democracy & Technology, agreed with comments made by Vickery that Alteryx had downplayed the incident. “That is a massive leak. These are very valuable data fields, constituting the essential details of a core of American households,” Hall said. [1] Both Vickery and Hall felt that even without the first and last name of an individual there was a plentiful amount of other personal detail that “would be invaluable for unscrupulous marketers, spammers and identity thieves.” [2]