I recently learned about a new Exactis data breach. No passwords were compromised, but much of the information that would be used in a social engineering or phishing campaign was collected by Exactis and lost in this breach. The data breach included 340 Million records, so it is also likely that your personal information may be lost. According to haveibeenpwned:
The leak contained multiple terabytes of personal information spread across hundreds of separate fields including addresses, phone numbers, family structures and extensive profiling data.
As always be careful if somebody contacts you and asks for personal information. Verify them through an alternative means even if they have some information about you.
For more information about the breach take a look at this wired article. https://www.wired.com/story/exactis-database-leak-340-million-records/
To check if your email account was lost consider using the https://haveibeenpwned.com service. You can sign up to get notified if you’re involved in a breach, which is a great service. This is a trusted service that I use regularly to know when data may have been lost.
If you were involved, unfortunately, there’s not a lot you can do at this point. Exactis is one of those data collection marketing companies that collects and stores all kinds of stuff about you, then (apparently) loses it. Since no “protected” data was lost it’s just up to you to be ultra aware of phishing and Social Engineering campaigns against you.
If you used the haveibeenpwned.com website to look up your email address and you were involved in a different data breach there may be other things that you should do, like changing your password on that site and every other that password was reused for (but of course you’d never reuse a password, right?)