If you are a resident of the country of Georgia, your information has been compromised. 4.9 million records were posted on a hacker forum.
It’s not often you get to report on a security incident that involves an entire country, but that’s exactly what we find ourselves doing right now. As of 2017, the population of Georgia is estimated to be 3.718 million. So, when a data dump of 4.9 million Georgians makes it onto a hacker forum, chances are, we are talking about the entire country’s population.
Word is surfacing that a Microsoft Access Database weighing in at 1.04GB was posted for anyone interested in such data. One might wonder why the number exceeds the population of the country. Well, for one, the census population was taken in 2017 and the data is likely more recent. For another, the database also contains those who are deceased. From ZDNet:
Personal information such as full names, home addresses, dates of birth, ID numbers, and mobile phone numbers were shared online in a 1.04 GB MDB (Microsoft Access database) file.
The leaked data was spotted by the Under the Breach, a data breach monitoring and prevention service, and shared with ZDNet over the weekend.
The database contained 4,934,863 records including details for millions of deceased citizens — as can be seen from the screenshot below. Georgia’s current population is estimated at 3.7 million, according to a 2019 census.
It’s unclear why the article says the population statistic is from 2019 given the Wikipedia offers the same number for 2017.
What is also a mystery is where the data even came from. Theories were bandied about, but those theories led nowhere. It’s not unreasonable to speculate that it might have come from a government agency or a private company contracted by the government. After all, that is the most probable source to house every resident both living and deceased. Still, ideas of where this data even came from is likely cold comfort to those living in Georgia in the first place.
March is still showing that it has plenty to give in this whole security incident file. March started off with the Clearview AI breach which saw the entire client list stolen. From there, Telus owned Koodo also suffered from a data breach where Canadian customer information was being sold on a hacker forum. The next day, UK mobile carrier Virgin Media suffered from a data leak. 900,000 customers had their browsing habits exposed in that one. Cruise ship giant then suffered from their own data breach. Customers and staff had their information compromised.
After that, TrueFire suffered from a data breach which say customer information exposed for 6 months. A possible data leak came from the US Census Bureau where 200 million American’s had their personal information exposed. The MCA Wizard data leak saw 500,000 financial documents exposed. Finally, the incidences seemingly started to grow with the Weibo data breach. That one saw a massive 538 million accounts exposed.
All we are left wondering is if April will be worse if things keep going the way they are.
Drew Wilson on Twitter: @icecube85 and Facebook.
