Cyber breaches abound in 2019
https://techcrunch.com/2018/12/26/cyber-breaches-abound-in-2019/
News of high-profile cyber breaches has been uncharacteristically subdued in recent quarters.
Is this a harbinger of a worse hacking landscape in 2019?
The answer is unequivocally yes. No question, cyber breaches have been a gigantic thorn in the global economy for years. But expect them to be even more rampant in this new year 2019 as chronically improving malware will be deployed more aggressively on more fronts. Also data-driven businesses simultaneously move into the “target zone” of cyber attacks.
On the cybersecurity side, a growing number of experts believe that multi-factor authentication will become the standard for all online businesses.
Here are links to some articles that can hopefully help you to handle your cyber security better:
Cybersecurity 101: Why you need to use a password manager
https://techcrunch.com/2018/12/25/cybersecurity-101-guide-password-manager/
Cybersecurity 101: Five simple security guides for protecting your privacy
https://techcrunch.com/2018/12/26/cybersecurity-101-security-guides-protect-privacy/
622 Comments
Tomi Engdahl says:
Millions of bank loan and mortgage documents have leaked online
https://techcrunch.com/2019/01/23/financial-files/?sr_share=facebook&utm_source=tcfbpage
Exclusive: The database included highly sensitive financial data on customers who have taken out loans with U.S. banks
Tomi Engdahl says:
Zack Whittaker / TechCrunch:
Researcher: 24M+ financial and banking documents, representing tens of thousands of loans and mortgages, were left exposed online by Texas-based firm Ascension — Exclusive: The database included highly sensitive financial data on customers who have taken out loans with U.S. banks
https://techcrunch.com/2019/01/23/financial-files/
Millions of bank loan and mortgage documents have leaked online
Exclusive: The database included highly sensitive financial data on customers who have taken out loans with U.S. banks
Tomi Engdahl says:
North Carolina Reintroduces Strict Data Breach Notification Law
https://healthitsecurity.com/news/north-carolina-reintroduces-strict-data-breach-notification-law
The proposed legislation would give all organizations just 30 days to report a breach to the state, while giving consumers more transparency into where their data lives.
Tomi Engdahl says:
Confidential data of 14,200 people with HIV leaked online by deported American: MOH
https://www.todayonline.com/singapore/confidential-information-14200-individuals-hiv-illegally-disclosed-online-moh?cid=emarsys-today_TODAY%27s%20evening%20briefing%20for%20Jan%2028,%202019%20%28ACTIVE%29_newsletter_28012019_today
SINGAPORE — The confidential information of 14,200 individuals diagnosed with the human immunodeficiency virus (HIV) and over 2,000 others is in the hands of a deported American fraudster, and has been illegally disclosed online, said the Ministry of Health (MOH) on Monday (Jan 28).
Tomi Engdahl says:
Hackers Are Passing Around a Megaleak of 2.2 Billion Records
https://www.wired.com/story/collection-leak-usernames-passwords-billions/
When hackers breached companies like Dropbox and LinkedIn in recent years—stealing 71 million and 117 million passwords, respectively—they at least had the decency to exploit those stolen credentials in secret, or sell them for thousands of dollars on the dark web. Now, it seems, someone has cobbled together those breached databases and many more into a gargantuan, unprecedented collection of 2.2 billion unique usernames and associated passwords and is freely distributing them on hacker forums and torrents, throwing out the private data of a significant fraction of humanity like last year’s phone book.
Earlier this month, security researcher Troy Hunt identified the first tranche of that mega-dump, named Collection #1 by its anonymous creator, a patched-together set of breached databases Hunt said represented 773 million unique usernames and passwords. Now other researchers have obtained and analyzed an additional vast database called Collections #2–5, which amounts to 845 gigabytes of stolen data and 25 billion records in all.
“This is the biggest collection of breaches we’ve ever seen,”
Size Over Substance
Despite its unthinkable size, which was first reported by the German news site Heise.de, most of the stolen data appears to come from previous thefts, like the breaches of Yahoo, LinkedIn, and Dropbox. WIRED examined a sample of the data and confirmed that the credentials are indeed valid, but mostly represent passwords from years-old leaks.
But the leak is still significant for its quantity of privacy violation
“For the internet as a whole, this is still very impactful.”
Rouland notes that he’s in the process of reaching out to affected companies, and will also share the data with any chief information security officer that contacts him seeking to protect staff or users.
Rouland speculates that the data may have been stitched together from older breaches and put up for sale, but then stolen or bought by a hacker who, perhaps to devalue an enemy’s product, leaked it more broadly.
Tomi Engdahl says:
https://www.heise.de/amp/meldung/Neue-Passwort-Leaks-Insgesamt-2-2-Milliarden-Accounts-betroffen-4287538.html
Tomi Engdahl says:
India’s largest bank SBI leaked account data on millions of customers
https://techcrunch.com/2019/01/30/state-bank-india-data-leak/
India’s largest bank has secured an unprotected server that allowed anyone to access financial information on millions of its customers, like bank balances and recent transactions.
The server, hosted in a regional Mumbai-based data center, stored two months of data from SBI Quick, a text message and call-based system used to request basic information about their bank accounts by customers of the government-owned State Bank of India (SBI), the largest bank in the country and a highly ranked company in the Fortune 500.
Tomi Engdahl says:
Airbus Suffers Data Breach, Some Employees’ Data Exposed
https://thehackernews.com/2019/01/airbus-data-breach.html
European airplane maker Airbus admitted yesterday a data breach of its “Commercial Aircraft business” information systems that allowed intruders to gain access to some of its employees’ personal information.
Tomi Engdahl says:
Double exposure: 24 million loan records also exposed on open Amazon S3 bucket
https://www.scmagazine.com/home/security-news/data-breach/double-exposure-24-million-loan-records-also-exposed-on-open-amazon-s3-bucket/
The original mortgage and credit documents involved in the 24 million Elasticsearch data breach that was revealed earlier this week also have been found residing in an open Amazon S3 bucket by the cyber researcher behind the original discovery.
Diachenko said the open S3 server is particularly inexcusable as these come with a preset password, but in this case it would appear someone went in and removed it leaving the data exposed.
Tomi Engdahl says:
Four new caches of stolen logins put Collection #1 in the shade
https://www.welivesecurity.com/2019/02/01/four-new-caches-of-stolen-logins-put-collection-1-in-the-shade/
The recently discovered tranches of stolen login credentials freely floating around the internet total 2.2 billion records
Tomi Engdahl says:
Chinese facial recognition company left database of people’s locations exposed
https://www.cnet.com/news/chinese-facial-recognition-company-left-database-of-peoples-location-exposed/
There were more than 6.8 million records from the last 24 hours alone that anyone could access.
A Chinese facial recognition company left its database exposed online, revealing information about millions of people, a security researcher discovered.
SenseNets, a company based in Shenzhen, China, offers facial recognition technology and crowd analysis, which the company boasted in a promotional video could track people across cities and pick them out in large groups.
But the company failed to protect that database with a password
From the last 24 hours alone, there were more than 6.8 million locations logged, Gevers said. Anyone would be able to look at these records and track a person’s movements based on SenseNets’ real-time facial recognition.
Tomi Engdahl says:
Chinese company leaves Muslim-tracking facial recognition database exposed online
https://www.zdnet.com/article/chinese-company-leaves-muslim-tracking-facial-recognition-database-exposed-online/
Researcher finds one of the databases used to track Uyghur Muslim population in Xinjiang.
Tomi Engdahl says:
Hackers Wipe VFEmail Servers, May Shut Down After Catastrophic Data Loss
https://www.bleepingcomputer.com/news/security/hackers-wipe-vfemail-servers-may-shut-down-after-catastrophic-data-loss/
The U.S. servers of privacy-focused e-mail provider VFEmail were hacked into on February 11 and all the data was destroyed, on both the main and the backup systems.
According to VFEmail’s owner, the hackers did not leave a ransom note and, given the extent of the destruction, the service will most likely go offline to never return.
Tomi Engdahl says:
Up to 100,000 Reported Affected in Landmark White Data Breach
https://www.darkreading.com/threat-intelligence/up-to-100000-reported-affected-in-landmark-white-data-breach/d/d-id/1333859
Australian property valuation firm Landmark White exposed files containing personal data and property valuation details.
Tomi Engdahl says:
500px photo-sharing site says it was hacked in 2018
https://www.cnet.com/news/500px-photo-sharing-site-reveals-2018-hack/
Hack last summer exposed all usernames and hashed passwords, but not credit card information.
Tomi Engdahl says:
https://support.500px.com/hc/en-us/articles/360017752493-Security-Issue-February-2019-FAQ
Tomi Engdahl says:
500px reveals almost 15 million users are caught up in security breach
https://www.digitaltrends.com/computing/500px-almost-15-million-users-caught-up-in-security-breach/
https://support.500px.com/hc/en-us/articles/360017752493-Security-Issue-February-2019-FAQ
Tomi Engdahl says:
Indecent disclosure: Gay dating app left “private” images, data exposed to Web (Updated)
Online-Buddies was exposing its Jack’d users’ private images and location; disclosing posed a risk.
https://arstechnica.com/information-technology/2019/02/indecent-disclosure-gay-dating-app-left-private-exposed-to-web/
Tomi Engdahl says:
Germany just deleted Facebook
https://boingboing.net/2019/02/07/zuckerbackpfeifengesicht.html
Germany’s Federal Cartel Office (Bundeskartellamt, the country’s antitrust regulator) has ruled that Facebook can’t combine user data aggregated from different sources (Facebook usage data, data from pages with Facebook Like buttons, data purchased from third parties, etc), because users can’t reasonably anticipate the way these different datastreams might be combined, nor the kinds of inferences that could be gleaned thereby.
Tomi Engdahl says:
Hacker who stole 620 million records strikes again, stealing 127 million more
https://techcrunch.com/2019/02/14/hacker-strikes-again/?utm_source=tcfbpage&sr_share=facebook
A hacker who stole close to 620 million user records from 16 websites has stolen another 127 million records from eight more websites, TechCrunch has learned.
Tomi Engdahl says:
“Mahdoton” tietovuoto: 2,7 miljoonaa terveysneuvonnan puhelutallennetta avoimella palvelimella
https://www.tivi.fi/Kaikki_uutiset/mahdoton-tietovuoto-2-7-miljoonaa-terveysneuvonnan-puhelutallennetta-avoimella-palvelimella-6758802
Tomi Engdahl says:
2,7 miljoner inspelade samtal till 1177 Vårdguiden helt oskyddade på internet
https://computersweden.idg.se/2.2683/1.714787/inspelade-samtal-1177-vardguiden-oskyddade-internet
Computer Sweden avslöjar: alla telefonsamtal som ringts till 1177 sedan 2013 och som tagits emot av vårdentreprenören Medicall har legat helt öppet som ljudfiler på en oskyddad webbserver.
Tomi Engdahl says:
India’s state gas company leaks millions of Aadhaar numbers
https://tcrn.ch/2SKFkjF
Tomi Engdahl says:
Another day, another information leak an now very relevant to topic on this group now reported by Computer Sweden: voice data from 2.7 million telephone calls on open public server for anyone to access. This was collection of all calls made to public health help line in Sweden starting from 2013 so contain health information. Many file names had caller telephone number in their name. Companies involved said this is not technically possible and this looks like a disaster…
2,7 miljoner inspelade samtal till 1177 Vårdguiden helt oskyddade på internet
https://computersweden.idg.se/2.2683/1.714787/inspelade-samtal-1177-vardguiden-oskyddade-internet
“Mahdoton” tietovuoto: 2,7 miljoonaa terveysneuvonnan puhelutallennetta avoimella palvelimella
https://www.tivi.fi/Kaikki_uutiset/mahdoton-tietovuoto-2-7-miljoonaa-terveysneuvonnan-puhelutallennetta-avoimella-palvelimella-6758802
Tomi Engdahl says:
ZDNet:”As reported by the South China Morning Post, some of Taiwan’s most sensitive military sites have been revealed publicly through the update, which included new three-dimensional renditions of Taipei, New Taipei, Taoyuan, and Taichung.”
https://www.zdnet.com/article/google-maps-update-accidentally-reveals-secret-military-sites/
Tomi Engdahl says:
2.7 million patient calls to Swedish healthcare hotline left unprotected online
https://www.google.com/amp/s/thenextweb.com/eu/2019/02/18/2-7-million-patient-calls-to-swedish-healthcare-hotline-left-unprotected-online/amp/
Tomi Engdahl says:
Hacker puts up for sale third round of hacked databases on the Dark Web
https://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/
Hacker is selling 93 million user records from eight companies, including GfyCat.
Tomi Engdahl says:
Dow Jones’ watchlist of 2.4 million high-risk individuals has leaked
https://techcrunch.com/2019/02/27/dow-jones-watchlist-leak/
A watchlist of risky individuals and corporate entities owned by Dow Jones has been exposed, after a company with access to the database left it on a server without a password.
Bob Diachenko, an independent security researcher, found the Amazon Web Services-hosted Elasticsearch database exposing more than 2.4 million records of individuals or business entities.
Tomi Engdahl says:
Armor Games admits all its users’ deets slurped in database mega-hack as site moves to repair chink
We were caught in hack that bled 617 million online accounts
https://www.theregister.co.uk/2019/03/04/armor_games_breach_disclosure/
Tomi Engdahl says:
Rush Health System Reports Data Breach Affecting 45,000
https://www.securityweek.com/rush-health-system-reports-data-breach-affecting-45000
Tomi Engdahl says:
Armor Scientific Emerges From Stealth With Wearable Authentication Solution
https://www.securityweek.com/armor-scientific-emerges-stealth-wearable-authentication-solution
California-based Armor Scientific this week announced that it has emerged from stealth mode with an identity and authentication platform that combines wearable hardware and patent-pending middleware components.
Tomi Engdahl says:
Huawei Opens Brussels Security Lab in Bid to Reassure EU
https://www.securityweek.com/huawei-opens-brussels-security-lab-bid-reassure-eu
Tomi Engdahl says:
Hackers Sell Access to Bait-and-Switch Empire
https://krebsonsecurity.com/2019/03/hackers-sell-access-to-bait-and-switch-empire/
Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S. consumers, including DMV and arrest records, genealogy reports, phone number lookups and people searches. In an ironic twist, the marketing empire that owns the hacked online properties appears to be run by a Canadian man who’s been sued for fraud by the U.S. Federal Trade Commission, Microsoft and Oprah Winfrey, to name a few.
Tomi Engdahl says:
Open MongoDB Databases Expose Chinese Surveillance Data
https://www.bleepingcomputer.com/news/security/open-mongodb-databases-expose-chinese-surveillance-data/
18 MongoDB databases with information generated by accounts on several online social services in China have been sitting on the web ready for plucking by anyone knowing where to look.
It appears that they are part of a country-wide surveillance program that collects profile-related data (names, ID numbers, and photos) along with GPS locations, network info, public and private conversations, and file exchanges.
Huge amounts of profile data processed daily
People reading the thread were able to identify “wxmsg” as the WeChat voice and text application.
Tomi Engdahl says:
Dow Jones Watchlist Found Exposed to Open Internet
https://www.securityweek.com/dow-jones-watchlist-found-exposed-open-internet
The Dow Jones Watchlist, a dataset of 4.4 Gigabytes, was found exposed in an unprotected Elasticsearch database on an AWS server. The Watchlist is used by many of the world’s largest organizations as part of their due diligence for both large and small contracts and transactions. While it contains the financial status of companies, it also includes sensitive information about individuals.
Tomi Engdahl says:
Lily Hay Newman / Wired:
Researchers find unprotected database owned by an email validation company with 150 GB of plaintext marketing data, including 763M unique email addresses — Last week, security researchers Bob Diachenko and Vinny Troia discovered an unprotected, publicly accessible MongoDB database containing …
An Email Marketing Company Left 809 Million Records Exposed Online
https://www.wired.com/story/email-marketing-company-809-million-records-exposed-online/
By this point, you’ve hopefully gotten the message that your personal data can end up exposed in all sorts of unexpected internet backwaters. But increased awareness hasn’t slowed the problem. In fact, it’s only grown bigger—and more confounding.
Last week, security researchers Bob Diachenko and Vinny Troia discovered an unprotected, publicly accessible MongoDB database containing 150 gigabytes of detailed, plaintext marketing data—including 763 million unique email addresses. The pair are going public with their findings today. The trove is not only massive but also unusual; it contains data about individual consumers as well as what appears to be “business intelligence data,” like employee and revenue figures from various companies.
“Companies have email lists and want to start emailing them, but they’re not sure how valid they are,” says Troia, who founded the firm Night Lion Security. “So they go to a company that will essentially send out spam.”
Tomi Engdahl says:
Iranian hackers ransack Citrix, make off with 6TB+ of emails, biz docs, internal secrets
https://www.theregister.co.uk/2019/03/08/citrix_hacked_data_stolen/
Remote-desktop giant ‘among more than 200 govt agencies, oil, gas, tech corps’ hit by cyber-gang
Citrix today warned its customers that foreign hackers romped through its internal company network and stole corporate secrets.
Tomi Engdahl says:
MyEquifax.com is yet another security disaster
https://techcrunch.com/2019/03/08/myequifax-com-is-yet-another-security-disaster/
Tomi Engdahl says:
More than billion records exposed online by email validation biz Verifications.io
https://securityaffairs.co/wordpress/82195/data-breach/verifications-io-data-leak.html
A new mega data leak made the headlines, an unprotected MongoDB database (150GB) belonging to a marketing company exposed up to 809 million records. The archive includes 808,539,849 records containing:
emailrecords = 798,171,891 records
emailWithPhone = 4,150,600 records
businessLeads = 6,217,358 records
Initially, it was discovered only an unprotected database, but the situation is worse than initially thought because cyber security firm Dynarisk announced that there were four databases exposed online.
“As a result, 2,069,145,043 records (made up of both individual consumers and businesses) have been leaked, accessible to anyone with the know-how to find it.” reads the post published by Dynarisk.
Tomi Engdahl says:
2 Billion Unencrypted Records Leaked In Marketing Data Breach — What Happened And What To Do Next
https://www.forbes.com/sites/daveywinder/2019/03/10/2-billion-unencrypted-records-leaked-in-marketing-data-breach-what-happened-and-what-to-do-next/#55a7258e6b0d
Troy Hunt’s ‘have i been pwned?‘ service informed me that 763,117,241 people have had their records leaked by Verifications IO: including verified emails, phone numbers, addresses, dates of birth, Facebook, LinkedIn and Instagram account details, credit scoring and even mortgage data such as amount owing and interest rates being charged. Which wasn’t the best news to receive first thing on a Sunday morning. But then things got even worse, a lot worse. SC Media UK reports that Andrew Martin, CEO & founder of cybersecurity company DynaRisk, has revealed the true number of leaked records is much higher. How much higher? How does a total of 2,069,145,043 unencrypted records grab you?
So, what actually happened?
According to Bleeping Computer an unprotected MongoDB database was discovered by security researcher Bob Diachenko.
This company validates bulk email lists for companies wanting to remove inactive addresses from newsletter mailouts.
Bob Diachenko, says that “although not all records contained the detailed profile information about the email owner, a large amount of records were very detailed.”
Should you be worried?
Yes, of course you should. This was, after all, a massive leak of the kind of personal information that would be a goldmine for the phishers and spammers of this world. However, that concern can be diluted by a number of factors
Tomi Engdahl says:
1.8M Chinese women deemed ‘BreedReady’ by creepy new database
https://thenextweb.com/tech/2019/03/11/1-8m-chinese-women-deemed-breedready-by-creepy-new-database/
An open database in China has been found to include the personal information of over 1.8 million women.
It was discovered over the weekend by Victor Gevers, a Dutch internet expert from the non-profit group GDI.Foundation.
Gevers’ Twitter thread also includes a screenshot of the database showing the youngest girl with “BreedReady” status is just 15 years old.
The database, which was taken down late on Monday afternoon local time, includes women at the average age of 32. According to The Guardian, almost 90 percent of included entries were described “single” and 82 percent were listed as living in Beijing.
Tomi Engdahl says:
That marketing email database that exposed 809 million contact records? Maybe make that two-BILLION-plus
‘This is a gigantic amalgamation of data all in one place’ expert tells El Reg
https://www.theregister.co.uk/2019/03/08/verificationio_database_hole/
Tomi Engdahl says:
Over two billion records exposed by email validation company
https://blog.dynarisk.com/over-two-billion-records-exposed-by-email-validation-company/
When GDPR regulations were enforced, many of us were left thinking that our data would finally be respected and used only as specifically outlined. But in one of the latest data leaks containing over two billion records, evidence shows we have a long way to go when it comes to regulating how our data is shared.
Tomi Engdahl says:
Iranian-backed hackers ransacked Citrix, swiped 6TB+ of emails, docs, secrets, claims cyber-biz
Remote-desktop giant ‘among more than 200 govt agencies, oil, gas, tech corps’ hit by gang
https://www.theregister.co.uk/2019/03/08/citrix_hacked_data_stolen/
Citrix today warned its customers that foreign hackers romped through its internal company network and stole corporate secrets
Tomi Engdahl says:
Marriott CEO shares post-mortem on last year’s hack
https://www.zdnet.com/article/marriott-ceo-shares-post-mortem-on-last-years-hack/#ftag=RSSbaffb68
Marriott investigators found Mimikatz and a remote access trojan (RAT) on hacked Starwood IT system.
Speaking in front of the Senate Committee on Homeland Security & Governmental Affairs Permanent Subcommittee on Investigations, Sorenson apologized to the company’s customers but also shot down rumors that China was behind the hack.
According to Sorenson’s prepared statement and an update on the Starwood breach notification website, these are the latest stats surrounding the Marriott breach:
383 million guest records
18.5 million encrypted passport numbers
5.25 million unencrypted passport numbers (663,000 from the US)
9.1 million encrypted payment card numbers
385,000 card numbers that were still valid at the time of the breach
Tomi Engdahl says:
https://securitydiscovery.com/800-million-emails-leaked-online-by-email-verification-service/
Tomi Engdahl says:
Zack Whittaker / TechCrunch:
Researchers find Box enterprise cloud storage accounts leaking sensitive data like prices for donated body parts and backdoor passwords to city waterworks
Dozens of companies leaked sensitive data thanks to misconfigured Box accounts
https://techcrunch.com/2019/03/11/data-leak-box-accounts/
Security researchers have found dozens of companies inadvertently leaking sensitive corporate and customer data because staff are sharing public links to files in their Box enterprise storage accounts that can easily be discovered.
The discoveries were made by Adversis, a cybersecurity firm, which found major tech companies and corporate giants had left data inadvertently exposed. Although data stored in Box enterprise accounts is private by default, users can share files and folders with anyone, making data publicly accessible with a single link.
In a blog post, Adversis said Box administrators should reconfigure the default access for shared links to “people in your company” to reduce accidental exposure of data to the public.
Pandora’s Box: Another New Way to Leak All Your Sensitive Data
https://www.adversis.io/research/pandorasbox
Tomi Engdahl says:
Equifax Was Aware of Cybersecurity Weaknesses for Years, Senate Report Says
https://www.securityweek.com/equifax-was-aware-cybersecurity-weaknesses-years-senate-report-says
The massive Equifax data breach that impacted 148 million Americans in 2017 was the result of years of poor cybersecurity practices, a new Staff Report from the United States Senate’s Permanent Subcommittee on Investigations reveals.
Tomi Engdahl says:
Georgia County Criticized Over $400K Ransomware Payment
https://www.securityweek.com/georgia-county-criticized-over-400k-ransomware-payment
Jackson County, Georgia is just a little over 60 miles from the City of Atlanta. In March 2018, Atlanta was struck by a major ransomware attack. In March 2019, Jackson County suffered its own ransomware attack. Both attacks were successful targeted attacks — but that’s about all they have in common.
Atlanta chose not to pay the ransom
The Atlanta ransom was set at a little over $50,000 (not paid).
The Jackson County ransom, thought to be paid, was $400,000.
County officials started noticing problems on March 1, 2019. By the end of the weekend they were in serious trouble. On Tuesday, March 5 they went public; and on Wednesday, March 6 they posted, “At this time all County email services are down,” on Facebook. On that day, Sheriff Janis Mangum told StateScoop, “Everything we have is down.” But very little else was known.
Tomi Engdahl says:
Data Provenance – Unintended Consequences of Multiple Data Breaches
https://pentestmag.com/data-provenance-unintended-consequences-of-multiple-data-breaches/
The results of the multiple data breaches and compromised identity data, free flowing within the vast digital ecosystem has created a data provenance problem. One that will be have a great impact on individuals, as such data makes its way into the data supply chain.
When the compromised data enters the regular supply chain without any proper vetting, it will be aggregated and used by a number of organizations, giving it validity. Once in the supply process it will be consumed by algorithms to make data driven and actionable decisions