Tetrad responded relatively quickly. UpGuard said it found and notified Tetrad of the exposure on February 3rd, and a back-and-forth led to the data being locked down on February 10th. It's not certain whether anyone besides UpGuard or Tetrad accessed the data, however.

The findings underscore one of the problems with collecting data on a large scale. It not only raises concerns about what companies do with your data, it also increases the chances that this data might fall into the wrong hands. It's also a stark reminder that your data is only as secure as the weakest link in the chain -- a simple mistake by a partner can render a company's security measures pointless.