Sources: vpnMentor, El Comercio, El Universo, BBC

In the mid-September 2019 the rarely seen personal data leak had place. The data of over twenty million Ecuadorians were put in an unsecured cloud. It is worth noticing, that the Ecuador’s population is only about seventeen million – the leak did not spare the dead. Additionally, in this number, almost seven million of records belong to minors.

It is still not clear how the leak happened. The data was stored on servers located in Miami, belonging to an Ecuadorian company Novaestrat. The affair has been uncovered by Israeli based company vpnMentor which alerted the Ecuadorian government. In the report published by the company, there are leaked data categories. Among them there is basic information such as full name, gender, date and place of birth, documents and security numbers, banking accounts numbers, occupation, home addresses, phone numbers, email addresses, in some cases even the account balance, vehicles plate numbers and other data, parents names and ID numbers and others. Some data of Ecuadorian companies also suffered the leak.

The screenshot of a typical record (Source: vpnMentor)

The following they after revealing the case by media, the Minister of Telecommunication of Ecuador Andrés Michelena assured, that Ecuadorians’ data are already safe. The government knew about the leak five days earlies, on the 11th September. The minister assured that there were no cybernetic attacks or hacking attempts. The investigation was launched with main responsibility attributed to persons linked to Novaestrat – who coincides to be former high officials linked to the previous government. Furthermore, the president Lenin Moreno informed that soon the Personal Data Protection Law, which has been being worked on for the last months, will be introduced.

In an obvious way, such leak poses a serious risk for the security of affected people – but also for the informational security in general. The most probable consequence can be an increase in the amount of spam – both phone and email. As the experts of vpnMentor point, there is a huge risk of scams – using leaked information, criminals can build trust and get even more data or other profits. This way, we reach the serious risk from the informational security point of view. The identity theft is real and even easy with such precise information. It increases the threat of financial crimes, but we cannot forget that the real data of real people can be also used to create fake profiles in social media or to just steal already existing ones.

vpnMentor recommends all Ecuadorians changing their passwords with a special attention to their strength, switching on double security options and renewing the access credentials of all devices.

An especially interesting thing of all this disaster is the fact, that among the data there is also Julian Assange’s record. He is the creator of WikiLeaks, till 2019 he was a fugitive in Ecuadorian embassy where he had been granted the asylum. In the end of 2017, he received Ecuadorian citizenship.

The screenshot of Julian Assange’s record (Source: vpnMentor)


Sources: vpnMentor, El Comercio, El Universo, BBC