When the Personal Data of All Citizens of a Country Got Leaked

Must Read

How To Leverage On Cold Calling to Help You Win Big In 2021

Cold calling is an old-fashioned sales strategy that involves sales representatives reaching out to prospective customers who have not...

Are You A Gaming Geek: ‘Five Commandments’ Before You Buy Video Games Online !

Does your day start with joysticks instead of coffee mugs? Or as a kid your best friends were the...

The Growth of OTT: Blip in the Radar Or a Real Threat to Traditional TV?

People are attached to their smartphones way more than they're to any other gadget. In fact, the average person...

How would you react if you are told that sensitive personal information of all the citizens of a country could be leaked? Shocking, isn’t it?

vpnMentor recently released an alarming report revealing that the personal data of almost all of Ecuador’s citizens has been breached. This breach was discovered by vpnMentor’s research team, headed by Noam Rotem and Ran Locar, and was tracked to an unsecured server in Miami, Florida, believed to be owned by Novaestrat, a data analytics company based in Ecuador.

Ecuador has a population of approximately 16.62 million. However, the contents of this leaked data consist of almost 18 GB of highly sensitive personal information about well over 20 million individuals. This discrepancy can be attributed to the inclusion of the personal data of deceased persons. Among the leaked data, the personal information of minors was also found. Some of these entries belonged to babies born as late as the first quarter of 2019.


The Kind of Personal Information in the Breach

The leaky database holds a wide array of personal data that can be misused against the concerned people by scammers and cybercriminals. The following is a gist of the information discovered:

  • Personal information such as name, age gender, date and place of birth, home address, marital status, educational level, cell phone numbers, email address, etc.
  • Sensitive financial information like account status, current balance, credit type,  taxpayer IDs, Cedula number – which is the Ecuadorian equivalent of a social security number, etc.
  • Employment details like name and location of employer, employer’s taxpayer id, salary information, job start and end date, etc,
  • Automobile information such as the model of car and license plate number.

This data was acquired from the government’s civil registry, an Ecuadorian bank, and the Association of Automotive Companies of Ecuador.

The authenticity of some of these credentials was verified by ZDNet by contacting some of the people in the database.

Implications of the Ecuador Data Breach

vpnMentor filed a report against the exposed data to Ecuador’s telecommunications ministry on 11 September and the leaked data was secured that same day.

However, it is unknown whether vpnMentor’s researchers found this information before scammers and phishers did.


If in the wrong hands, the leaked data can have potentially threatening and/or long term consequences. It can lead to identity theft, financial fraud, an easier bypass for scammers, and, in extreme cases, theft and kidnapping.

On 16 September, a raid was carried out at the Novaestrat office and various types of equipment were seized. The general manager, who’s resident served as the office, was also arrested.

On the same day, Telecommunications Minister Andres Michelena announced that a personal data protection bill had been expedited to the National Assembly.

In this day and age of rapid digitization, the personal information of everyone is under threat of being breached. It is a well-known fact that the data of consumers is stored, copied, bought, and sold by third parties on the daily. This incident of the leak of an entire country’s data has showcased the magnitude at which data can be compromised.

Some common causes of data breaches are security vulnerabilities in any given database, malware, misuse by insiders, weak passwords, unencrypted data storing, and scams.

Digital storage of data cannot be escaped in modern society. To immune people’s data against these threats, it is important that governments and data analytics companies take rigorous measures to ensure data security over everything else.


Please enter your comment!
Please enter your name here

Latest News

PhonePe Revenue in FY21 Soared 85%, Offered ESOPs Worth ₹843 Crore

PhonePe, the market leader in UPI transactions and financial services, announced a significant declined of 44 percent in losses...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded and unparalleled...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter, with a...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one of the...

More Articles Like This