The find was made by Chris Vickery, director of Cyber Risk Research at the securty firm UpGuard, on 6 October at the subdomain "alteryxdownload"
In a blog post, UpGuard said that within the repository were massive datasets belonging to Alteryx partner Experian, the consumer credit reporting agency, as well as the US Census Bureau, providing datasets from both Experian and the 2010 US Census.
While the Census data was publicly accessible, Experian’s ConsumerView marketing database contained both public details and more sensitive data. "Taken together, the exposed data reveals billions of personally identifying details and data points about virtually every American household," UpGuard claimed.
While the exposed files included Alteryx software releases and development files for applications which the firm had sold to its analytics customers, there were two other third-party files that were of greater concern.
One of the files contained data compiled about Americans; it contained more than 123 million rows, each about a different American household.
UpGuard said: "While each of the tens of millions of rows represents a different US household, the 248 columns cross-indexed compiles each household’s known or modelled personal details, preferences, and behaviour across a wide array of categories.
"With a total of over 3.5 billion fields to be filled with such data points, the index’s incredibly detailed level of insight is, ultimately, precisely what Experian claims to offer with its ConsumerView product, as described in a 2016 marketing brochure: 'ConsumerViewSM is the largest and most comprehensive resource for traditional and digital marketing campaigns. With thousands of attributes on more than 300 million consumers and 126 million households, ConsumerView data provides a deeper understanding of your customers, resulting in more actionable insights across channels'."
In the past, UpGuard has found misconfigured Amazon Web Services S3 buckets leaking data from credit repair service National Credit Federation, the NSA, the Pentagon, global corporate consulting and management firm Accenture, publisher Dow Jones, a Chicago voter database, a North Carolina security firm, and a contractor for the US National Republican Committee.