When the Personal Data of All Citizens of a Country Got Leaked

Must Read

Apple Store In India: More Of Disappointment Than Excitement?

Apple has started making moves to strengthen its presence in India. With the launch of Apple online...

Windfall! Online Grocery Market In India Looks Set For Purple Patch Ahead

Silver linings are clearly in short supply in the pandemic fuelled world that we have come to...

Facebook’s Chasm Of Distrust: An Ever-Deepening Divide

Facebook, the world's most popular social media platform has failed measurably as it is voted as the...

How would you react if you are told that sensitive personal information of all the citizens of a country could be leaked? Shocking, isn’t it?

vpnMentor recently released an alarming report revealing that the personal data of almost all of Ecuador’s citizens has been breached. This breach was discovered by vpnMentor’s research team, headed by Noam Rotem and Ran Locar, and was tracked to an unsecured server in Miami, Florida, believed to be owned by Novaestrat, a data analytics company based in Ecuador.

Ecuador has a population of approximately 16.62 million. However, the contents of this leaked data consist of almost 18 GB of highly sensitive personal information about well over 20 million individuals. This discrepancy can be attributed to the inclusion of the personal data of deceased persons. Among the leaked data, the personal information of minors was also found. Some of these entries belonged to babies born as late as the first quarter of 2019.


The Kind of Personal Information in the Breach

The leaky database holds a wide array of personal data that can be misused against the concerned people by scammers and cybercriminals. The following is a gist of the information discovered:

  • Personal information such as name, age gender, date and place of birth, home address, marital status, educational level, cell phone numbers, email address, etc.
  • Sensitive financial information like account status, current balance, credit type,  taxpayer IDs, Cedula number – which is the Ecuadorian equivalent of a social security number, etc.
  • Employment details like name and location of employer, employer’s taxpayer id, salary information, job start and end date, etc,
  • Automobile information such as the model of car and license plate number.

This data was acquired from the government’s civil registry, an Ecuadorian bank, and the Association of Automotive Companies of Ecuador.

The authenticity of some of these credentials was verified by ZDNet by contacting some of the people in the database.

Implications of the Ecuador Data Breach

vpnMentor filed a report against the exposed data to Ecuador’s telecommunications ministry on 11 September and the leaked data was secured that same day.

However, it is unknown whether vpnMentor’s researchers found this information before scammers and phishers did.


If in the wrong hands, the leaked data can have potentially threatening and/or long term consequences. It can lead to identity theft, financial fraud, an easier bypass for scammers, and, in extreme cases, theft and kidnapping.

On 16 September, a raid was carried out at the Novaestrat office and various types of equipment were seized. The general manager, who’s resident served as the office, was also arrested.

On the same day, Telecommunications Minister Andres Michelena announced that a personal data protection bill had been expedited to the National Assembly.

In this day and age of rapid digitization, the personal information of everyone is under threat of being breached. It is a well-known fact that the data of consumers is stored, copied, bought, and sold by third parties on the daily. This incident of the leak of an entire country’s data has showcased the magnitude at which data can be compromised.

Some common causes of data breaches are security vulnerabilities in any given database, malware, misuse by insiders, weak passwords, unencrypted data storing, and scams.

Digital storage of data cannot be escaped in modern society. To immune people’s data against these threats, it is important that governments and data analytics companies take rigorous measures to ensure data security over everything else.


Please enter your comment!
Please enter your name here

Latest News

The Raining Discounts Are Coming As Flipkart And Amazon Gears Up For Festive Season Sale

The festival season is about to begin and eCommerce majors in India Amazon and Flipkart are aiming...

Amazon, Google And Microsoft Are Extreme Angry With TRAI

The big three of the tech industry - Amazon, Microsoft And Google - seems to be quite annoyed. Cloud...

New Android Malware Steals Your Banking Credentials And Let Hackers Access Your Smartphone

If you are an active user of banking apps on your Android smartphone, you must pay close attention to it.

An IT Service Help Desk Is Essential To Drive Business Growth

There's no debate about the fact that an IT service desk, when properly run, leads to both short-term and long-term business growth....

Chinese Investment In Indian Startups Is Now A Distant Dream

When the Indian Government changed its FDI policy in late April, China got handed the short end of the stick for investing...

Why Is Google Pay In Hot Water in India?

Google Pay has been treading in hot water over a Public Interest Litigation as of late. The company is...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter,...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one...

More Articles Like This