Almost the entire population of Ecuador has had their personal information made public through a data breach.
More than 20 million people (including an estimated 7 million children) have had their data exposed in the leak, which was uncovered by security firm vpnMentor. Given that Ecuador’s population currently stands at 16.5 million, it’s reasonable to assume the entire country has been caught out.
According to the Ecuadorian State Attorney General, that extra few million comes from ‘people already dead’.
The breach is believed to have occurred through an unsecured server in Miami owned by Ecuadorian consulting and analytics firm Novaestrat.
All the pertinent personal information is believed to have been made available, including full names, date and place of birth, home and email addresses, national identification numbers and taxpayer numbers as well as employment information.
Finances were also leaked – including people’s bank balances and credit status.
Although vpnMentor says it reported the breach to the Ecuadorian officials on September 11 (and the unsecured server was quickly taken down) the damage could already be done.
‘Once data has been exposed to the world, it can’t be undone,’ warned the cybersecurity company.
‘The database is now closed, but the information may already be in the hands of malicious parties.’
Once alerted, Ecuador didn’t waste any time. Government agents raided the home of William Roberto G the, legal representative of Novaestrat. They took electronic equipment and documentation to help with an investigation into the breach.