Almost entire population of Ecuador has data leaked

Ecuadorian police and investigators raid the home of Novaestrat's legal representative on September 16, 2019.

(CNN)The detailed information of potentially every person in Ecuador has been leaked online, in a massive and unprecedented national data breach, it was revealed on Monday.

More than 20 million people, including an estimated 7 million minors, were exposed in the leak, which was uncovered by internet security firm vpnMentor during a routine project.
Ecuador is home to about 16.5 million people, meaning that the entire population could have been affected. The additional few million may be because the leaked data also included the details of deceased individuals, according to the Ecuadorian State Attorney General's Office.
    It is not known at this stage precisely how many living Ecuadorians have been affected.
    According to the vpnMentor report, released Monday, the breach was found on an unsecured server in Miami, which appeared to be owned by Ecuadorian consulting and analytics company Novaestrat.
    The breach exposed a host of personal information for the millions affected -- their full names, date and place of birth, home and email addresses, national identification numbers and taxpayer numbers, employment information, and more.
    On a raid on September 16, investigators seized computers, documents, and electronic devices in the home of William Roberto G.
    Financial information was also leaked, including bank customers' account status, balance, and credit type.
    Even Wikileaks founder Julian Assange's information was found among the trove of leaked data, said the report. Assange was granted political asylum and lived in the Ecuadorian embassy in London from 2012 until this year.
    VpnMentor reported the breach to Ecuadorian officials on September 11, according to the country's telecommunications ministry. The breach was quickly closed, but the damage was done.
    "Once data has been exposed to the world, it can't be undone," warned the vpnMentor report. "The database is now closed, but the information may already be in the hands of malicious parties."
    The leak now places individuals and companies at risk for identity theft, financial fraud, business espionage, and other security threats, the report said.