211 Crises and Abuse Line Suffers Data Leak – 3.2 Million Records Exposed

There’s been another data leak. This time, it is the LA County 211 Crises and Abuse Hotline. Reports say 3.2 million detailed records have been exposed.

It seems that security incidences are increasing these days. Reports are surfacing that there has been yet another data leak. This time, the 211 crises and abuse hotline in LA county is the latest to suffer a leak.

A database containing 3.2 million highly detailed and sensitive records was found on a public server. Anyone who happens to stumble across it could download it. The records were found on, and at the risk of sounding like a broken record, an Amazon Web Services (AWS) S3 bucket. Of course, simple records weren’t the only things found in this database. From TNW:

The leak exposed more than 33,000 social security numbers, over 300,000 email addresses, and the full names of the victims, alleged perpetrators, and witnesses in numerous suspected cases of physical and sexual abuse.

If that weren’t enough, the S3 bucket held “weakly hashed” passwords for 384 logins. Whatever information a bad actor couldn’t gain from the contents of the bucket could have feasibly been accessed by logging into the LA County 2-1-1 LinQ system using these credentials.

In the time since the incident was reported earlier this week, the bucket has reportedly been secured. But just like every other breach of this nature, by the time the problem is discovered there’s simply no way of knowing if any real damage has been done.

This, of course, is just the latest security incident we’ve been tracking for you. This month started off relatively quiet, but came roaring in with other significant security incidences. On the 11th, a data breach exposed 34.5 million Aadhaar accounts. Just three days later, Chili’s suffered its own data breach, but the number of people affected remain unclear. Four days after that, we brought you reports of the Cambridge University data leak which exposed 3 million Facebook accounts. Over the last weekend, another data leak from LocationSmart exposed the real time geolocation information of any American on any major ISP. We may never know just how big that one is.

It seems that with today’s breach, the increasingly scary string of security incidences is only continuing.

Drew Wilson on Twitter: @icecube85 and Google+.



Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.