Billions of Records of Web-Tracking Data Exposed by Oracle’s BlueKai
In the digital age, almost all industries have realized the worth of online user data. For this reason, several global agencies have become a harvester of uncountable amounts of personal information every day from billions of people. But this also confronts us with the various risks related to such systems, as was revealed in the case of BlueKai data leak.
BlueKai exposes massive amounts of data
Oracle-owned marketing cloud platform BlueKai exposed sensitive data online in a data breach due to a security lapse.
- This month, Oracle’s BlueKai left exposed an unsecured database containing billions of records like names, home addresses, email addresses, and sensitive users’ web browsing activity — from purchases to newsletter unsubscribes.
- BlueKai tracks 1.2% of all web traffic and tracks some of the world’s biggest websites: Amazon, ESPN, Forbes, Glassdoor, Healthline, MSN.com, Levi’s, Rotten Tomatoes, and The New York Times. Given the volume of data on this unsecured server, this is already one of the largest cybersecurity mistakes of 2020.
- Oracle’s investigation has also revealed that the associated companies did not properly configure their services, which lead to this data breach.
Online database exposure
In the past, there have been incidents when massive amounts of data were exposed due to such unfortunate incidents.
- In November 2019, an Elasticsearch server containing more data of around 4 billion user accounts (with 1.2 billion unique users), including names, phone numbers, email addresses, LinkedIn, and Facebook profiles were leaked.
- The data belonged to data enrichment companies, including People Data Labs or PDL, and OxyData.Io or OXY.
- This was considered as the biggest data leak incident of 2019.
User privacy is really important
Data exposure by such data collection tools or agencies like BlueKai is a sensitive issue. In June 2020, Google was sued in a $5 billion lawsuit in the U.S. for tracking 'private' internet use through browsers set in “private” mode.
Use a secure web browser and VPN for privacy. Use encrypted apps to keep online conversations private. Do not allow websites or browser plugins to store any sensitive data like credit card numbers or login credentials in the form of cookies.