Billions of internet activity records tracked by Oracle’s BlueKai leaked online

BlueKai, a company bought by Oracle in 2014, has leaked. The database of internet activity records was left on the open web in an unsecured server. 

The leaked data was discovered by Anurag Sen, who went through the disclosure process with the help of a cybersecurity firm called Hudson Rock. Thus far, Oracle has not officially announced the leak and didn’t indicate whether they informed the people that may have had their information breached. Additionally, they declined to indicate to TechCrunch whether or not they even reported the data leak to authorities, as law dictates.

Oracle is just one of the many companies that build these types of profiles on potential advertising targets. Some of them even get the information directly from your internet service provider (ISP) or mobile data provider because Congress voted to allow such privacy breaching activity in 2017. 

BlueKai uses a more traditional route with web cookies, tracking pixels, and other tracking tools that fingerprint users across the web. The internet activity records include web browsing activity, information about unsubscribe actions, the device and browser used, and more.

When BlueKai sells the data to advertising companies, they remove personal information such as name and address from the records that are shared. However, the leaked information does contain deanonymizing information. In the leaked records, the TechCrunch team viewed personal information ranging from email address, physical address, full name, and more.

Some people often dismiss the privacy concerns of web browsing activity and internet history being siphoned up and sold wholesale. First off, the existence of that data means that it will be leaked at some point.