A dark web researcher has discovered a massive trove of personal user data on an unsecured server, amounting to about 1.2 billion records.
While the database didn’t contain any particularly sensitive information, it does go a long way to prove just how extensive the data collection practices of most tech giants really are.
And it also cements just why Apple’s own privacy policies are so important.
The data collection was first discovered by researcher Vinny Troia back in October, Wired reported. Troia found the server unsecured, meaning it was openly accessible.
Again, there wasn’t any sensitive information contained within. But the sheer amount of data stored in the database is pretty staggering.
Troia found 4TB of personal user data compiled into databases.
As mentioned earlier, there were about 1.2 billion profiles — including approximately 50 million unique phone numbers and 622 million email addresses.
There’s no word on who created the database or what it was used for. Although it was stored on Google’s cloud infrastructure, Google itself probably didn’t create the data trove.
After Troia reported it to the FBI, the server was pulled down within a few hours.
Data Collection Practices
The “leak” itself is not altogether very interesting beyond the size of the data. But what it really proves is just how much data tech companies like Google and Facebook are gathering about you.
Troia found that the data is made up of four datasets pulled from data brokers People Data Labs and Oxydata. Those data brokers take user data from other sources, compile them, and sell them in-bulk to third parties.
For some context, People Data Labs claims to have “1.5 billion unique person profiles” that can be used to “build products” or “enrich person profiles.”
Wired notes that the data on the unsecured server likely wasn’t obtained from a breach. Instead, whoever created the server probably paid for it or used multiple free trials to access it.
To be clear, the kind of data stored on the server is mostly public. The problem, of course, is that there are entities creating “user profiles” of you without your knowledge. These profiles can be used to do anything from target ads to create predictive profiles about your online habits.
How Apple Protects You
In stark contrast to other tech giants, Apple as a company says it believes privacy is a fundamental human right.
The Cupertino tech giant is one of the first companies to take a stand against data collection practices. And many of Apple’s software features actively fight against data gathering.
That includes the new Sign In with Apple feature, which could hide user emails from third-party sites, and Safari’s Intelligent Tracking Protection, which blocks pretty much all third-party online tracking systems.
And Apple’s pro-privacy stance doesn’t just seem to be a marketing stunt, either. CEO Tim Cook has long pushed for federal privacy regulations in the U.S.
“I’m personally very worried that in a world where nothing is private, then freedom of expression just evaporates,” Cook said. “And if freedom of expression evaporates this is just — this is a classic part of what it means to be an American.”