Zack Whittaker reports on a leak by Oracle’s BlueKai that exposed tons of consumer data. Oracle’s not saying what companies are to blame for the leak, but the leak was described as involving “billions of records.”
TechCrunch reviewed the data and found names, home addresses, email addresses and other identifiable data in the database. The data also revealed sensitive users’ web browsing activity — from purchases to newsletter unsubscribes.
Read Zack’s report on TechCrunch. The leak had been found by security researcher Anurag Sen and was responsibly disclosed to the company, but has the company responsibly and transparently disclosed this leak? What do logs show in terms of access? Has Oracle notified the California Attorney General’s Office?
And should the FTC and Congress being looking into this leak as a cautionary tale of what can happen to all consumers? Should there be requirements that data that can be tied to an individual user be deleted after a fixed amount of time — if we agree to allow companies to even collect it to begin with?