Close Menu
    Facebook X (Twitter) Instagram
    Trending
    • 5 Active Malware Campaigns in Early 2025: What You Need to Know
    • 10 Critical Network Pentest Findings IT Teams Overlook
    • Report Phishing Instantly with PhishAlarm
    • Password Reuse Epidemic: Nearly Half of User Logins Compromised
    • Women in Cybersecurity: Interest, Exposure, or Just Stereotypes??
    • Stay Ahead of Scammers in 2025
    • Cybersecurity Alert: Risks of Abandoned Websites
    • DHS Unveils Playbook for the Deployment of Artificial Intelligence for the Public Sector
    Fordham University Information Security and Assurance
    • Information Security and Assurance Homepage
    • Privacy Blog
    • About
    Fordham University Information Security and Assurance
    You are at:Home»Alerts»Marketing Firm Exactis Experiences Large Data Breach
    Alerts

    Marketing Firm Exactis Experiences Large Data Breach

    By Christopher JohnsonAugust 1, 20183 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Copy Link

    Recently, security researcher Troy Hunt updated his security breach notification website, Have I Been Pwned (HIBP) with a notice that a publicly accessible server operated by Florida-based marketing and data aggregation firm Exactis was publicly exposing private information.

    The notice was posted as follows:

    In June 2018, the marketing firm Exactis inadvertently publicly leaked 340 million records of personal data. Security researcher Vinny Troia of Night Lion Security discovered the leak contained multiple terabytes of personal information spread across hundreds of separate fields including addresses, phone numbers, family structures and extensive profiling data. The data was collected as part of Exactis’ service as a “compiler and aggregator of premium business & consumer data” which they then sell for profiling and marketing purposes. A small subset of the exposed fields were provided to Have I Been Pwned and contained 132 million unique email addresses.

    Breach date: 1 June 2018

    Date added to HIBP: 25 July 2018

    Compromised accounts: 131,577,763

    Compromised data: Credit status information, Dates of birth, Education levels, Email addresses, Ethnicities, Family structure, Financial investments, Genders, Home ownership statuses, Income levels, IP addresses, Marital statuses, Names, Net worths, Occupations, Personal interests, Phone numbers, Physical addresses, Religions, Spoken languages

    The UISO is sending this email to all @fordham.edu email addresses that were part of the breach. As we maintain the security and integrity of the University’s systems, it is our duty to inform you when we receive alerts from information security resources, both inside and outside the academic community, of any instance in which their @fordham.edu email address appears to have been part of a compromised data set.

    We would like to stress that this is not an announcement that Fordham was compromised, nor was Fordham, to our knowledge, affiliated with Exactis in any way.

    You can read more at the following links:

    • Exactis said to have exposed 340 million records, more than Equifax breach
    • Have I Been Pwned: Exactis
    • Marketing Firm Exactis Leaked A Personal Info Database With 340 Million Records
    • Florida Class Action Claims Exactis Breach Affects 230 Million Americans

    Although passwords were not part of the breached data set, we find it prudent to advise that you do not reuse the password for your @fordham.edu account for any other online services. Attackers are aware of the potential for password reuse and will try to leverage these username/password combinations to authenticate to your Fordham University account.

    Please note: Fordham IT will NEVER ask for your password or ask you to click links to validate your account or password. If you receive questionable or suspicious emails, contact IT Customer Care and allow the UISO to validate the legitimacy of these messages.

    A new security awareness program will be launched by the UISO in September 2018 for Fordham employees. The online course will help employees recognize security risks and cyber threats so they may better protect the University and themselves.

    If you have any questions or concerns, please contact IT Customer Care at (718) 817-3999 or HelpIT@fordham.edu.

    Share this:

    • Click to share on X (Opens in new window) X
    • Click to share on Facebook (Opens in new window) Facebook
    • Click to share on LinkedIn (Opens in new window) LinkedIn

    Like this:

    Like Loading...
    Previous ArticleCryptojacking and Illegal Bitcoin Mining
    Next Article The 7 Most Common Scams on Social Media

    Related Posts

    5 Active Malware Campaigns in Early 2025: What You Need to Know

    10 Critical Network Pentest Findings IT Teams Overlook

    Report Phishing Instantly with PhishAlarm

    Follow Us on Twitter!
    Follow @FordhamSecureIT
    My Tweets
    Archives
    Categories
    • AI (1)
    • Alerts (384)
    • CISO (19)
    • Cyber Security Awareness Month Tip (150)
    • Data Privacy Week (2)
    • Executive Director (1)
    • Exploits and Vulnerabilities (35)
    • General Information (34)
    • Identity and Access Management (12)
    • Identity Theft (26)
    • Jason Benedict (19)
    • Legitimate Email (14)
    • Malicious Email (24)
    • Mobile (25)
    • Network Security (2)
    • News and Events (143)
    • Newsletter (13)
    • Password (17)
    • Phishing (333)
    • Phishing Email (340)
    • Privacy (10)
    • Ransomware (9)
    • Scam (104)
    • Security Awareness (262)
    • Security Guides (34)
    • Social Engineering (12)
    • SPAM (40)
    • Suspicious (6)
    • Telework (2)
    • Teleworking (3)
    • Trojan (7)
    • Uncategorized (9)
    • Virtual Meeting (4)
    • Virus (28)
    • Viruses (8)
    • World Backup Day (1)
    • Zoom (6)
    Tag Cloud
    Alerts Artificial Intelligence Backups cell phones CISO Cybersecurity Awareness Month Tip Cybersecurity Month Data Privacy Device email Exploits and Vulnerabilities fordham fraud Identity and Access Management Identity Theft Information Security Guides Jason Benedict Legitimate Email malicious email Mobile Multi-Factor Authentication networks Network Security News and Events Newsletter online safety Online Shopping Password Phishing Phishing Email Privacy ransomware scam scams Security Awareness social engineering Social Media spam trojan Virus Viruses Wireless wire transfer scam World Backup Day zoom
    About
    About

    Founded in 1841, Fordham is the Jesuit University of New York, offering exceptional education distinguished by the Jesuit tradition to more than 15,100 students in its four undergraduate colleges and its six graduate and professional schools.

    Copyright © Fordham University
    Facebook X (Twitter) Instagram YouTube LinkedIn
    © 2025 ThemeSphere. Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.

    %d