An unprecedented national data breach has seen detailed information of potentially every person in Ecuador leaked online, it has been revealed.
More than 20 million people, including about 7 million children, had their data exposed by an unsecured server run by an Ecuadorian marketing and analytics firm, according to internet security firm vpnMentor.
The population of Ecuador is approximately 16.5 million people, meaning that the entire population could have been affected by the breach. Ecuador's State Attorney General's Office said Monday that deceased citizens could account for the additional few million people affected.
It is not yet known exactly how many people have been impacted by the data leak but it is thought to include full names, dates of birth, national identity card numbers, tax identification numbers, employment information, the names of family members, and more.
It was first uncovered when vpnMentor carried out a routine project earlier this month.
The internet security firm said Monday that it had traced the breach to an unsecured server located in Miami, Florida, which appeared to be owned by Ecuadorian data analytics firm Novaestrat.
"Once data has been exposed to the world, it can't be undone," the report said.
The breach was reportedly closed on September 11, "but the information may already be in the hands of malicious parties," it warned.
Remarkably, vpnMentor said it had even found personal information relating to WikiLeaks founder Julian Assange.
Assange was granted political asylum by Ecuador in 2012 and resided in the Ecuadorian embassy in London through to April earlier this year.
In response to the data leak, Ecuadorian authorities raided the house of William Roberto G, Novaestrat's manager, seizing electronic equipment and computers.
"He will be transferred immediately so that (the Ecuador prosecutor) can gather information within the framework of the investigation it carries out," Maria Paula Romo, Ecuador's interior minister, said via Twitter on Tuesday.
Ecuador's President Lenin Moreno reportedly said that he would introduce legislation to ensure more sophisticated data security in response to the breach.