LocalBlox Leaks 48 Million Personal Records: What Happened? – Veri Sızıntısı
Live
Search
Company
About Founder's Note Press & Media Privacy Policy Terms of Service FAQ Brand Kit
Products
HUBOne HUBCorp Coming Soon Veri Sızıntısı Android Coming Soon Veri Sızıntısı iOS Coming Soon Veri Sızıntısı Huawei Coming Soon Breach Radar Argus Flow Argus Engine LivePlatform
Technologies
What is Argus AI? Try on HUBOne What is Argus Flow? What is Argus Engine?
Blog Contact

Private Intelligence Firm Leaks 48 Million Records

We examine how over 48 million personal data records were leaked from the systems of a private intelligence search service called LocalBlox, and what it means for you.

A locked data cabinet glowing in the dim light of a server room, representing cybersecurity and data breach concepts.

What Happened

The date is May 25, 2026, and the cybersecurity world is once again shaken by a massive data leak. This time, it's not the work of a sophisticated hacker group or the result of a complex cyber operation. It's a case of simple negligence turning into a colossal disaster. A little-known private intelligence and data aggregation company, LocalBlox, left the personal data of a staggering 48 million people completely unprotected in the middle of the internet. Yes, you read that right. Snippets from the lives of millions of people were sitting there like an abandoned suitcase on a digital highway.

The incident was uncovered by the cyber risk team at cybersecurity firm UpGuard. During their routine scans, researchers discovered a publicly accessible cloud storage bucket hosted on Amazon Web Services (AWS). Inside this digital repository was a single, massive 1.2-terabyte compressed file: localblox_dataset.zip. This file contained detailed profiles of 48 million individuals, data that the company had scraped from all corners of the internet, especially social media platforms.

This is precisely what LocalBlox does. It takes publicly available information from platforms like LinkedIn, Facebook, and Twitter, and combines it to create incredibly detailed digital dossiers on people. Who works where, who their friends are, what their interests are, where they live... They merge all these pieces and sell them to marketers, recruiters, and who knows who else. And this massive trove of data, due to the failure to set a basic security measure—restricting access—was available for anyone who knew the address to download with a single click.

Has your email been leaked? Check for free — results in seconds.

Check Now →

Data Exposed

The content of the leaked data is like a complete inventory of a person's digital identity. This isn't just a list of names and emails; it's much more. The dataset included the following:

  • Full Names: The identities of millions of people, with their first and last names clearly listed.
  • Email Addresses: Both personal and business email addresses. This is a goldmine for targeted phishing attacks.
  • Physical Addresses: People's home and work addresses. The leak of this information has the potential to turn digital threats into physical dangers.
  • Phone Numbers: Phone numbers that can be used directly for scams and harassment.
  • IP Addresses: The last known IP addresses from which users connected to the internet, which can give a general idea of their geographic location.
  • LinkedIn Profiles: This is one of the most critical parts. All data scraped from LinkedIn, such as job history, current position, employer, skills, and connections.
  • Facebook and Twitter Information: General profile information, interests, and other public posts collected from these platforms.

Now, take a moment to think. An attacker can see where you live, where you work, your email address, and your professional history all in one file. How convincing a scam scenario could they write by combining this data? For example, imagine receiving an email that starts with, "Hello [Your Name], we have a special offer for you regarding your position at [Your Company]..." and appears to know your entire career history. How low would your chances of not clicking be? This is exactly where the danger lies. This leak shows how powerful a weapon individual data points can become when they are aggregated.

How the Attack Happened

The most tragicomic aspect of this incident is that there was no real "attack." No one breached LocalBlox's servers, bypassed their firewalls, or wrote complex code to crash their systems. The problem was much simpler and more foolish: someone left the door to the digital vault wide open.

To explain it technically, Amazon S3 cloud storage services are set to private access by default. This means they are configured so that only authorized individuals can access them. However, a user can change this setting to "public." Why would they do that? Sometimes it's necessary to host images or public files for a website. But you should never, ever leave a 1.2-terabyte archive containing the personal data of 48 million people configured this way. That's exactly what LocalBlox did.

This is a painful example of the "shared responsibility model" in cloud security. Amazon is responsible for the security *of* the cloud—things like the physical security of servers and the network infrastructure. But the security *in* the cloud—the data you put on that infrastructure and its access settings—is entirely your responsibility, the customer's. LocalBlox failed to fulfill this responsibility. This leak reminds us once again how vital the most basic settings are, even before considering expensive cybersecurity software. Sometimes the biggest threat isn't a hacker outside, but a single wrong click by an employee inside.

Who Is Affected

So, who are these 48 million people? The answer is simple: almost anyone with a public profile on platforms like LinkedIn, Facebook, or Twitter. The data appears to have been collected from users of these global platforms rather than from a specific country. So, if you are reading these lines and are active on these platforms, you could very well be a part of that massive list.

The most disturbing aspect of this situation is that people did not give this data to LocalBlox voluntarily. No one signed up for LocalBlox or checked a box saying, "you can collect my data." The company treated the internet like a mine, scraping every piece of public information to build its database. This raises serious questions about the ethics of data privacy. Is it acceptable for a company to take information we share publicly, combine it into a product, and then protect it so carelessly? This leak exposes not only one company's security failure but also how fragile and unregulated the entire data brokerage industry is.

What You Can Do

Let's set aside the classic "change your password" advice. This leak isn't about passwords, and once the data is out, there's no going back. That file is already in someone's hands. However, this doesn't mean you're helpless. Here are specific steps you can take for this incident:

  • Control Your Digital Shadow: The source of this leak was public social media profiles. Go to your LinkedIn, Facebook, and Twitter accounts right now. Find the privacy tab in the settings menu. Who can see your profile? Who are your posts visible to? Did you leave your email address or phone number visible to everyone? Tighten these settings. On LinkedIn especially, prevent people outside your connections from seeing your email. This will make future data scraping more difficult.
  • Be Wary of Hyper-Targeted Phishing Attacks: Be twice as skeptical of the emails and messages you receive in the coming months. Attackers will no longer just say, "Dear Customer." They will send highly personal and convincing messages like, "Hello [Your Name], I'm reaching out to you regarding your position as [Your Position] at [Your Company]..." They might reference your past work experience or interests. Do not click on any links or download any files from an email from someone you don't know that contains your personal information.
  • Become Aware of Data Brokers: There are hundreds of companies like LocalBlox. Be aware of their existence—companies that collect and sell data about you. While there are services that help you remove your data from such companies, it is often a difficult process. But the first step is to be aware of this ecosystem. Remember that every piece of information you share is being aggregated somewhere and turned into a product.

What the Company Says

After discovering the leak, UpGuard contacted LocalBlox. The company's initial reaction might have been the classic mix of panic and denial often seen in these situations. However, after the evidence was presented, the unprotected cloud storage was quickly secured, and public access was shut down.

But so far, there has been no comprehensive public statement from LocalBlox to clarify the situation. The company seems to prefer to remain silent. Questions about what will happen to the 48 million affected individuals, who might have downloaded their data, and what the company's responsibility towards them is, remain unanswered for now. Often, companies in this situation choose to stay under the radar, hoping the incident will be forgotten. However, it seems unlikely that such a massive failure that endangered the digital lives of 48 million people can be swept under the rug with silence.

Source

https://www.upguard.com/breaches/s3-localblox

Share This Article
X LinkedIn WhatsApp
← Previous Post DocketWise Data Breach Hits 143,000 People Next Post → Datavant to Pay $900K to Settle Data Breach Lawsuit

Weekly Newsletter

Curated data breach news delivered to your inbox every week.