170 million strong data leak traced to US data broker

Data leak
(Image credit: Shutterstock/dalebor)

Cybernews researchers have uncovered a colossal data leak believed to be related to People Data Labs (PDL), a San Francisco-based data broker, containing over 170 million records.

Breached data includes sensitive information like full names, phone numbers, emails, location, skills, professional summaries, education history and employment history, putting those affected at risk of identity theft.

An unprotected Elasticsearch server has been identified as being responsible for the leak, discovered by the team on June 25, indicating that a third party may have been responsible for managing PDL’s data.

PDL data leak includes 170 million records

Although an unknown threat actor is likely responsible for leaking the data, Cybernews has highlighted the poorly protected Elasticsearch server as a key vulnerability.

The team summarized: “The existence of data brokers is already a controversial issue, as they often have insufficient checks and controls to ensure that data doesn’t get sold to the wrong parties.”

If the leak does indeed pertain to PDL, it won’t be the first time the company has been associated with a leak. In October 2019, it was revealed that more than a billion records from the company’s databases were exposed online, believed to have affected 622 million individuals. At the time, PDL said that it wasn’t responsible for the leak.

Cybernews continued: “If this is a new leak, and not processed and enriched data from the 2019 leak by a third party, such an incident would show a high level of ignorance from the company regarding personal data security.”

Those who suspect they may have been affected together with anybody who has received any suspicious emails, or simply those wanting to maintain the highest levels of digital hygiene, should change their passwords regularly and use a trusted password manager, enable two-factor authentication and monitor their accounts.

TechRadar Pro has contacted People Data Labs to confirm its association with this leak, but we did not receive an immediate response.

More from TechRadar Pro

Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

Read more
Cartoon Phishing
One of the largest data leaks ever sees info on 1.5 billion people leaked online
Security padlock and circuit board to protect data
A major US TV broadcaster leaked over a million sensitive files online
healthcare
Over a million clinical records exposed in data breach
Data leak
Top collectibles site leaks personal data of nearly a million users
Security padlock and circuit board to protect data
Foh&Boh data leak leaves millions of CVs exposed - KFS, Taco Bell, Nordstrom applicants at risk
A man looking at a tablet with a brown Best Buy package on the desk in front of him
Huge Christmas data breach - 14 million shipping records leaked, putting shoppers at risk
Latest in Security
NHS
NHS IT supplier hit with major fine following ransomware attack
Data leak
Top home hardware firm data leak could see millions of customers affected
Representational image depecting cybersecurity protection
Third-party security issues could be the biggest threat facing your business
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Latest in News
A PC gamer celebrating, sat in a gaming chair in front of a monitor
Windows 11’s Game Bar gets a fresh coat of paint, plus a tweak to work better on handhelds – and I like the direction Microsoft’s heading in here
NHS
NHS IT supplier hit with major fine following ransomware attack
A business woman looking at AI on a transparent screen
Most businesses are now fully embracing AI - but aren't always protected against the risks
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
All three rumored Samsung Galaxy S25 Edge colors shown off in ‘official’ images
Cristiano Ronaldo promotional image for Fatal Fury: City of the Wolves
Yes, Cristiano Ronaldo is a playable character in Fatal Fury: City of the Wolves, and it makes more sense than you think
inZOI.
inZOI early access won't feature Denuvo DRM after all, 'we are committed to making inZOI a highly moddable game'