Number Of Individuals Impacted: 15.7 Million
ClearVoice learned in April that an unauthorized user had posted a database online containing profile information of survey participants from August and September 2015 and was offering information to the public for purchase. The accessible data included contact information, passwords, and responses to questions users answered about health condition, political affiliation, and ethnicity.
The data sets could be misused by bad actors, resulting in survey participants getting contacted for purposes such as advertising, ClearVoice said. In addition, the accessible information might be used to prepare personal profiles, which could be used in a commercial or political context, according to ClearVoice.
Within an hour of receiving the email from the unauthorized user, ClearVoice said it located the backup file, secured it, and eliminated any further exposure to the file in the cloud service. ClearVoice also forced a password reset for all members whose information was potentially exposed, and implemented security measures to prevent a recurrence of such an incident and protect the privacy of member data.