Skip to main content

Almost all Ecuador citizens hit in data breach

(Image credit: Image Credit: Balefire / Shutterstock)

A database containing information on every living person in Ecuador, as well as some that are deceased, has been found just sitting online.

According to ZDNet, two security researchers from vpnMentor, Noam Rotem and Ran Locar, discovered the misconfigured database and, together with ZDNet, proved its authenticity and analysed its contents.

Apparently, the database (opens in new tab) contained records on roughly 20 million people. Ecuador is a relatively small South American country with a population of 16.6 million. The extra entries are both from deceased individuals, as well as from duplicate and erroneous entries.  

But that also means that information on children was found, as well. The database contained names, cedulas (national ID numbers), places of birth, home addresses, and gender. In some cases, ZDNet claims, one could construct the entire family tree, given that the database contained such detailed information.

Seven million financial records (opens in new tab), and 2.5 million records containing car and car owner details, were also found in the database. It seems as that the information was gathered from two separate sources, one of them being the country’s civil registry. The second one seems to be Novaestrat, a company claiming to provide analytics services for the local market.

Given that the company didn’t list an email address or a phone number on the website, that its customer support page was broken and that its employees did not respond to inquiries over LinkedIn, the researchers were forced to reach out to Ecuador CERT (Computer Emergency Response Team) team, which served as an intermediary and helped close the database down.

You can find more details about the leak on vpnMentor’s blog (opens in new tab).

Sead Fadilpašić
Sead Fadilpašić

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.