100 million+ US citizens have records leaked by background check service


A background check left a huge database unprotected online containing 2.2TB of people’s data, according to research by Cybernews. The database was left passwordless and easily accessible to anyone on the internet by background check firm MC2 Data.

MC2 Data gathers publicly available data to provide decision makers with information whether someone can rent a house, work at their firm, or be granted a loan. The data is usually gathered from online sources like criminal records, employment history, family data, and contact details.

Read more…
Source: Malwarebytes Labs


Sign up for our Newsletter


Related:

  • Supermarket chain Lidl warns customers after data leak

    July 10, 2026

    Unknown individuals managed to gain access to customer data held by the supermarket chain Lidl. The German company informed affected customers of this via email this week. Thus far, the supermarket chain has declined to say how many customers were affected. However, the discount retailer did state that it has notified the Dutch Data Protection Authority. Read ...

  • Accenture confirms breach after hacker steals 35GB of source code and other data

    July 9, 2026

    Accenture has confirmed suffering a cyberattack, days after threat actors started selling an archive allegedly coming from the firm. “We are aware of this isolated matter, and we have remediated its source. There is no impact to Accenture operations and service delivery,” Accenture said in a statement. It follows a relatively unknown threat actor called 888 posting ...

  • An unnamed US county paid $1M extortion demand to cybercriminals

    July 9, 2026

    A US county reportedly paid $1 million to Kairos, an extortion gang that claimed to have stolen more than 2 TB of data, but the county never received independently verifiable proof that the stolen files had been deleted – just the criminals’ promise. This means the county’s stolen files may turn up for sale on a ...

  • 6.9 million driver’s license numbers stolen from AssuranceAmerica

    July 9, 2026

    Insurance provider AssuranceAmerica has confirmed a data breach affecting the personal information and driver’s license numbers of up to 6.9 million people. AssuranceAmerica provides car and rental insurance to customers across 14 US states through a network of over 9,500 independent agents. The breach notice letter also mentions information about customers’ auto insurance policies and accounts, their drivers and ...

  • AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data

    July 3, 2026

    AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing. The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal patient management systems, document storage platforms, and external electronic health record system portals. The attack targeted an ...

  • Hackers breached DHS information-sharing network

    June 30, 2026

    A key Department of Homeland Security information-sharing database was accessed by an unknown threat actor in recent weeks, potentially exposing sensitive data exchanged between federal, state, local and industry partners, according to two people familiar with the matter. DHS investigators are probing the intrusion of the Homeland Security Information Network, said both people, who spoke on ...