Data aggregator LocalBlox
is tightening its security measures following the recent leak of data profiles
that were temporarily left in an Amazon S3 bucket without an optimal security
setting. The company takes full responsibility for the situation and assures
the mistake will never happen again.
Data technology company LocalBlox Inc.
announced today that it is implementing a number of security measures in
response to the recent leak of millions of data profiles left exposed on an
Amazon Web Server S3 Storage.
The data, obtained from social media sites
and other sources, was inadvertently left unsecure in an AWS S3 storage bucket
that was not password-protected, according to company officials at LocalBlox. The S3 bucket primarily
contained fake data produced from customer intelligence records duplicated for
internal testing purposes. Also this data is unusable without a schema or
detailed documentation. However, the data—which had been accessed only by known
internal users and the security researcher who discovered it through extensive
efforts—was never “publicly” exposed. Fuzzying techniques and special tools
were used to get to the file. Once it became aware of the situation, LocalBlox
resolved the matter within a few hours. “Our logs prove that no other
individual accessed this file from the S3 bucket,” said Ashfaq Rahman, Founder
and CTO of LocalBlox. “We
believe there is almost no danger that anyone else was able to access the file
without our knowledge.”
The company assumes full accountability for
the oversight and is committed to doing everything it can to address the issue.
“We apologize for this unfortunate situation and take responsibility for the
mistake,” Rahman said. “We have added additional policies and controls to our
processes to ensure that this does not happen again.”
Data breaches are an expanding problem that
has impacted major corporations, government agencies and other entities
worldwide. Consequently, digital security is a serious concern for consumers and
businesses, particularly data technology companies like LocalBlox.
The company has adopted a number of steps to ensure its data is employed and
maintained as securely as possible. For example, LocalBlox:
·
stores all of its files in multiple database environments that run
24/7 backups and has anonymous data for use
·
stores individual records with PII (personally identifiable
information) independently and matches specific jobs by its internal UID (user
ID) processes
·
has ensured that all machines that can access its data servers and
data stores are from a set of white-listed IP addresses and have are strict
firewall policies in place
·
makes sure all data transfers happen in a SSH (secure shell)
environment or through AWS buckets with the most stringent security settings
possible.
·
has deployed its proven endpoint agent to capture and record all
system, user and data events on or off the network. (The agent is also
configured to automatically block suspicious insider activity or outsider attacks—before
sensitive data is lost.)
Data mining is not a new practice. Data
technology companies have been scraping public records for decades to gain
valuable customer intelligence for business, marketing and other purposes.
Public profiles on social media platforms represent a virtual gold mine for
data aggregators, who use this information in various ways. Rahman emphasizes
that LocalBlox’s methods of
accessing and utilizing data are completely valid and ethical. The company
acquires all of its data using privacy-compliant techniques or from the public
domain and other non-proprietary sources. And it has never engaged in any
illegal or unethical activities with its web mining processes.
LocalBlox does not
license a straightforward copy of any particular content but rather generates
transformative, machine readable and cross-validated facts. Clients of LocalBlox can use its data and platform
for a variety of legitimate and constructive reasons, ranging from creating
next-generation personalized and relevant consumer experiences to promoting
life-saving emergency services. “Its use is strictly regulated to serve the
greater good of mankind,” he said.
LocalBlox Data
Aggregation and Identity Graph technology has been around since 2015 founded by
Rahman and his wife, Sabira Arefin, who currently serves as president. The
small, family-owned business has worked diligently to distinguish itself as a
trusted data management and technology firm that is honest, goal-oriented and
committed to its clients. Today, the data technology company is privileged to
fill a unique niche in the marketplace. It is currently the only platform that
has invented technology that can acquire, scale and correlate diverse,
conventional, non-traditional data points and social sentiments mapped into
real identities of people and businesses. In addition, LocalBlox is the first
company whose platform can launch globally.
LocalBlox’s technology
effectively leverages machine learning and human insight. Its next-generation
Data Discovery and Creation platform continuously learns to create the most
accurate, complete and freshest people and business data in real-time and at
scale. “LocalBlox helps companies
acquire and utilize a vast amount of information from sources previously held
captive on the web with exceptional speed and scale while also marrying other
offline datasets,” Rahman said.
For more information about LocalBlox and its
comprehensive identity graph platform, please visit http://www.localblox.com.
About LocalBlox
Inc.
Based in Bellevue, Wash., LocalBlox is a data
technology company that uses a proprietary approach for acquiring and utilizing
data. The LocalBlox platform automatically crawls, discovers, extracts,
indexes, maps and augments data in a variety of formats from the web and from
exchange networks, adding crowd-sourced verification as needed.
LocalBlox generates
unique derivative data products by combining information identified through its
discovery and creation platform with data assets provided by its publishing, ad
exchange and crowd sourcing partnerships. The platform facilitates the creation
of normalized rich profiles around business firmographics, people data, usage
patterns and behavior trends. It can power B2B, B2C customer intelligence,
customer retention and relationship management, sales and marketing campaigns,
location-based services, search and mapping portals, demographic targeting,
sales lead generation, programmatic advertising and personalization for a wide
range of industries.
No comments:
Post a Comment