Ecuador’s government has rushed a draft privacy law to Congress after the nation was hit with a massive data breach impacting more than 20 million people.
The breach, according to the Financial Times, was discovered by researchers at VPNMentor, who reported that the data was found on an unsecured server owned by Novaestrat, a data analytics company in Ecuador. The information included the names of more than 20 million individuals who hold Ecuadorean identification numbers, including children and dead people, along with their ID numbers, taxpayer IDs, home addresses, email addresses, phone numbers and education and employment records. Some of the listings included personal bank details.
The researchers informed the Ecuadorean authorities, who closed the breach on Sept. 11. Then on Sept. 16, Ecuadorean police raided Novaestrat’s offices and arrested its chief executive officer.
“The database is now closed, but the information may already be in the hands of malicious parties,” VPNMentor said, adding the breach “could have been prevented with some basic security measures.”
The researchers said they had not stored any of the data or profited from it.
“Our goal is to improve the overall safety and security of the internet for everyone,” they explained.
While Ecuador had been working on a data privacy law for nearly two years, the breach prompted the government to finish its work and send the draft law to parliament. The legislation includes fines for companies that misuse data, compensation for victims of data fraud and punishment for companies and individuals that sell data obtained illegally.
Andrés Michelena, telecoms minister, said the draft had been created “in accordance with European guidelines.” And the head of the nation’s Congress has already said the proposal will be fast-tracked.
“This is part of the process of becoming a digitalized nation,” Michelena said. “The first stage is having protection for personal data.”
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More