Skip to content
Get started
4 min read Security
Back

PDL / OXY Data Breach

Dec 03 2019

12/3/2019 Initial Info:

On December 1st we were alerted of a large breach of information contained in the PDL and OXY database. The source of this data breach is still unknown.

The details are still somewhat unclear, but here is what we know.  A researcher discovered open databases on October 16th. These databases contained data from two companies, People Data Labs (PDL) and OxyData.Io (OXY).

Both PDL and OXY are “Data Enrichment” companies.  They conduct legitimate and legal activities to collect information about people and offer their data for sale to third parties. This data could be used for many purposes, including direct marketing, or more sophisticated data research activities.

PDL and OXY were not breached, and they did not leak your information.  This information was leaked as a result of poor security by an undisclosed customer who purchased the lists from PDL and OXY.

The information from PDL included approximately 1.2 billion unique people and 650 million email addresses. The OXY data contained approximately 380 million people, mostly LinkedIn data. At this time, there has not been any attempt to cross-compare the PDL and OXY data for duplicates. It is safe to assume that a significant portion of the US population is in this data. The data that was breached could include:

  • First and Last Name
  • Email address (business and/or personal)
  • Phone Number(s)
  • URL for Facebook, Twitter, and LinkedIn

There have been extensive attempts to determine the person or company that caused these records to leak, without success.  There will likely be further attempts, but this could take a year or more to bear fruit.  When more relevant information is available, Worksighted will update you. Likely the party responsible for this breach has reporting requirements, but as of now, they remain anonymous, so there are no current ways to force them to comply with these reporting requirements. 

Additionally, at this time there is no action that can be taken by the affected individuals.  This information cannot be reclaimed. At this time, this notice is informational only.  We feel that it is important to monitor and alert individuals of data breaches, even if there are no available solutions.

We will keep this post updated with any relevant information as it becomes available. 

Have a question?

Our team are here to help whenever you need us. Drop us a line and we’ll be in touch ASAP. 

Get in touch
Worksighted Logo

About the author

Worksighted Team

We are a team of over-enthusiastic people, ready to help our clients utilize technology to spur growth! We love technology and come to work every day eager to solve problems and find ways to impact our clients.

Blogs

Discover real-life insights on how Worksighted can transform your business. 

Blog 4 minute read

Managed Services vs. Professional Services: What’s the Difference?

Read more
4 Steps for New Technology
Blog 4 minute read

Our 4-Step Approach to Implementing New Technology

Read more
woman on laptop
Blog 4 minute read

Understanding the Importance of Data Privacy

Read more
Blog 4 minute read

How to Effectively Manage Your IT Budget: 10 Easy Steps to Prepare Your Business

Read more
Blog 4 minute read

Customer Relationships in IT: 5 Foundational Building Blocks for Success

Read more