A major data breach at background check firm MC2 Data has exposed the personal information of 106 million Americans, roughly one-third of the U.S. population. The data leak, uncovered by Cybernews, resulted from a massive oversight by the company, which left a 2.2TB database unsecured and accessible to anyone on the internet.
The breach includes sensitive data such as names, emails, home addresses, phone numbers, dates of birth, partial payment information, property and legal records, and even employment histories. Subscribers to MC2 Data’s services—2.3 million individuals and organizations—were also impacted.
Cybernews reported that the breach was discovered on August 7, and it appears that MC2 Data failed to implement basic password protection for the exposed database. This lack of security puts millions at risk of identity theft, phishing scams, and other cybercrimes.
The leaked information is particularly concerning because it includes data often used by employers, landlords, and law enforcement agencies for background checks. Cybersecurity experts are now warning that such data could be used by criminals to steal identities, commit fraud, and launch targeted attacks on high-value individuals and organizations.
Despite the seriousness of the breach, MC2 Data has yet to issue a public statement. The firm’s negligence could lead to significant legal consequences, with many calling for stronger penalties for companies that fail to protect consumer data.
This incident follows a similar breach by National Public Records, which leaked over 2 billion records earlier this year, further highlighting the growing problem of data insecurity.
For those concerned about their personal information being compromised, experts recommend using identity theft protection services, monitoring financial accounts for suspicious activity, and being cautious of phishing attempts and other scams.