Data Leak Exposes 750K Birth Certificate Applications

Dec 10, 2019 02:00 pm Cyber Security 240

Data Leak Exposes 750K Birth Certificate Applications

Over 750,000 applications for US birth certificates have been found exposed online thanks to a misconfigured cloud server.





UK security firm Fidus Information Security found the trove, which was left unsecured in an Amazon Web Services (AWS) bucket with no password protection.





The company in question hasn’t been named because it has yet to respond to attempts by the research team to notify it of the privacy snafu. It provides a service to US citizens allowing them to request copies of birth and death certificates from state governments.





As such, the data exposed is highly sensitive, including: applicant name; date of birth; home and email address; phone number; and other personal information such as previous addresses and names of family members.





That’s all information that would be highly valuable to potential scammers, to help commit identity fraud and craft convincing phishing emails to harvest even more sensitive information.





The identities of children are particularly highly sough after; because they have limited financial records associated with them it is easier for scammers to open new accounts in their name. Over one million US kids fell victim to identity fraud in 2017, resulting in losses of $2.6bn, according to Javelin Strategy & Research.





“Examples such as this show just how important it is for consumers to know precisely which companies are part of the software supply chain delivering any given service to them,” argued exposes birth certificate applications

Read The Rest from the original source
infosecurity-magazine.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!