A variety of sensitive information has been there for the taking due to an unsecured cloud storage container
Over 752,000 birth certificate applications have been exposed online by an unnamed company that enables people to obtain copies of their birth and death records from state governments in the United States, TechCrunch reports. Needless to say, the exposed cache of documents includes a variety of personal information.
The leak was reported by Fidus Information Security, a company specializing in penetration testing. The applications were found on the Amazon Web Services (AWS) cloud computing platform, sitting out in the open with no password protection whatsoever. This means anyone who could guess the relatively simple web address, including bad actors, could access the records.
Although the application process varies from state to state, the ultimate goal is the same – to allow people to acquire a copy of their records. These records include sensitive personal information such as the name, date of birth, current home address, email and phone number. On top of that, the applications also include the names of family members, historical information such as past addresses, or the reason behind applying for the documents.
The affected cache included applications dating all the way back to 2017. The company that runs the service added approximately 9,000 applications to the repository in a single week. The authenticity of the data was verified by TechCrunch by comparing them against public records.
As shocking as this leak may look at first glance, it is not an isolated case. Over a 12-month span betwe ..
Support the originator by clicking the read the rest link below.
