All news with #security misconfiguration tag

🔓 UpGuard Research discovered a publicly accessible Amazon S3 bucket containing detailed consumer data attributed to Tetrad, including files derived from Experian Mosaic, Claritas/PRIZM, and client-supplied datasets covering over 120 million U.S. household records. The exposure included full names, addresses, gender, Mosaic codes, and retailer account and purchase information. UpGuard notified Tetrad in early February and, after repeated contact, the company removed public access and secured the bucket. The dataset's breadth raises significant privacy and targeted-risk concerns for individuals and communities.

🔒 UpGuard Research discovered a publicly accessible AWS S3 bucket containing roughly 60 GB of MSSQL backups uploaded by a Spartan Technology employee, exposing South Carolina justice-system records spanning 2008–2018. The dataset included about 5.2 million arrest-event rows, tens of millions of related records, and sensitive PII such as names, dates of birth, driver’s license numbers and roughly 17,000 Social Security numbers. Permissions included the "AuthenticatedUsers" group, enabling broad access; Spartan removed public access the same day after notification.

🔎 The UpGuard Cyber Risk Team details a public discovery of AggregateIQ repositories that exposed sophisticated political targeting tools. The report highlights project families Monarch and Saga, describing ad-scraping scripts, pixel trackers, and ingestion services that link Facebook ad activity to web behavior. Exposed credentials and AWS assets amplify privacy and oversight concerns.

🔓UpGuard discovered 111 GB of internal customer records from National Credit Federation stored in a publicly accessible Amazon S3 bucket, including names, addresses, dates of birth, scanned driver’s licenses and Social Security cards, full bank and credit card numbers, and complete credit reports. The repository contained personalized credit blueprints and videos showing employee access. UpGuard notified the company, which promptly secured the bucket. The case highlights the need for rigorous cloud permission controls and continuous configuration monitoring.

🔒 A misconfigured Amazon S3 repository administered by NICE Systems exposed names, addresses, account details and PINs tied to Verizon customers; UpGuard estimated up to 14 million affected while Verizon disputed a 6 million figure. The publicly accessible bucket contained daily voice-log files and large text archives with unmasked fields such as PIN and CustCode, alongside call analytics metadata. UpGuard notified Verizon in June 2017 and remediation followed, but the incident underscores the severity of third-party cloud misconfigurations and vendor-managed data risk.

🔓 The UpGuard Cyber Risk Team discovered a publicly accessible Amazon S3 bucket that contained detailed configuration spreadsheets appearing to describe GoDaddy infrastructure running in the AWS cloud. The files included over 24,000 hostnames and 41 configuration fields per system, plus modeled financials and apparent AWS discounting—information useful for targeted attacks or competitive intelligence. GoDaddy closed the exposure after notification; no credentials were found, but the incident highlights the severe consequences of cloud misconfiguration at scale.

🔒 UpGuard discovered a publicly accessible rsync repository tied to Cohen Bergman Klepper Romano Mds PC that exposed records for more than 42,000 patients and over three million medical notes. The exposed data included patient and physician names, Social Security numbers, dates of birth, phone numbers, email and insurance information, along with an Outlook .pst and a virtual hard drive containing staff home addresses and family details. UpGuard notified the affected parties and Accenture, and the repository was secured after follow-up, underscoring failures in basic access controls and the need for faster remediation.

🔒 UpGuard researchers discovered a publicly accessible MongoDB database belonging to Neoclinical, exposing profiles for 37,170 users in Australia and New Zealand. Records included names, contact details, geocoordinates, dates of birth and structured health-screening answers that revealed diagnoses and treatments. UpGuard notified the company and AWS; access was removed on July 26. The exposure underscores the need for proper access controls and rapid incident response.

🔓 Level One Robotics left 157 GB of sensitive customer, employee, and corporate files accessible via an unrestricted rsync server, exposing CAD drawings, factory layouts, robotic configurations, NDAs, identity documents, and banking records for over 100 manufacturing clients. UpGuard discovered the exposure on July 1, 2018 and began outreach on July 5; after contact on July 9, Level One remediated the server by July 10. The incident underscores third- and fourth-party supply-chain risk and the need to restrict file-transfer services by IP and authentication, enforce vendor security standards, and maintain rapid exposure-response procedures.

🔓 UpGuard disclosed that an unsecured Medcall Healthcare Advisors Amazon S3 bucket exposed roughly 7 GB of sensitive information, including PDF intake forms, CSV files containing full Social Security numbers, and 715 recorded patient-doctor and operator calls. The bucket was publicly readable and writable with an 'Everyone - Full Control' ACL and was taken offline after UpGuard notified Medcall. The case underscores the danger of vendor misconfiguration and third-party exposure of protected health information.

🔓 UpGuard discovered an Amazon S3 bucket owned by LocalBlox that was publicly accessible, exposing a 1.2 TB ndjson archive containing approximately 48 million personal profiles. The dataset aggregated names, addresses, dates of birth, scraped LinkedIn and Facebook content, Twitter handles, and other identifiers used to build psychographic profiles. UpGuard notified LocalBlox and the bucket was secured on February 28, 2018. The incident highlights how a simple cloud misconfiguration can compromise consumer privacy and enable targeted influence at scale.

🔓 On October 3, 2017 UpGuard researcher Chris Vickery discovered a publicly accessible Amazon S3 bucket belonging to National Credit Federation containing 111 GB of internal and customer records. The repository included scanned IDs, Social Security card images, full credit reports from Equifax, Experian, and TransUnion, personalized credit blueprints, and full bank and card numbers. National Credit Federation secured the bucket after notification and UpGuard found no evidence of theft in this report. The case underscores the necessity of validating cloud storage permissions and continuously monitoring third-party risk.

🔒 The UpGuard Cyber Risk Team discovered an Amazon S3 bucket for LA County 211 that was publicly accessible and contained Postgres backups and CSV exports with sensitive data. A 1.3GB t_contact export included millions of records, roughly 200,000 detailed call notes and 33,000 Social Security numbers, alongside 384 user accounts with MD5-hashed passwords. The exposure dated from 2010–2016; UpGuard notified the service in March–April 2018 and confirmed the bucket was closed within 24 hours of contact.

🔓 In May 2019 UpGuard researchers discovered publicly accessible HCL pages that exposed personal information, plaintext passwords for new hires, and detailed project reports. The data was dispersed across multiple subdomains and web UIs, including HR dashboards, recruiting approval panels, and a SmartManage reporting interface. After notifying HCL's Data Protection Officer, the researcher confirmed the anonymous-access pages were taken offline within days. The incident underscores the risk of misconfigured application pages and the importance of clear reporting channels and prompt incident response.

🔓The database of Omaha-based voting machine vendor Election Systems & Software was left publicly accessible on an Amazon S3 bucket, exposing records for 1.864 million Chicago voters. The exposed MSSQL backups included names, addresses, dates of birth, phone numbers, driver’s license numbers and the last four digits of Social Security numbers. UpGuard discovered the open bucket on Aug 11, 2017 and notified ES&S, which closed access the next day.

🔓 UpGuard disclosed that an Amazon S3 bucket belonging to the Tea Party Patriots Citizens Fund (TPPCF) publicly exposed roughly 2GB of campaign materials and call lists. The files—largely PDFs and images from the 2016 election cycle—contained strategy documents, marketing assets, and call records listing full names, phone numbers and VoterIDs for about 527,000 individuals. Upon notification on October 1, 2018, TPPCF restricted bucket permissions within hours and removed access by October 5. The incident underscores how cloud misconfiguration can turn organizational data into a large-scale privacy breach with political implications.

🔓 UpGuard's Data Breach Research team discovered and secured a publicly accessible rsync storage server containing data belonging to the Oklahoma Department of Securities. The exposure included approximately 3 TB and millions of files spanning 1986–2016, including email archives, virtual machine images, system credentials, and personal records. UpGuard identified the host via Shodan, notified state officials, and public access was removed the same day.

🔓 UpGuard's Cyber Risk Team discovered an exposed rsync repository tied to subsidiaries of Blue Chair LLC, including Target Direct Marketing, that revealed PII for over one million individuals seeking higher education information. The publicly accessible server included daily MySQL backups and website files, with names, emails, phone numbers and education-related lead fields. The exposure resulted from an rsync misconfiguration and highlights the need for strong vendor risk controls, data retention policies and restricted backup access.

🔒 A cloud-based file repository owned by Dow Jones & Company was discovered publicly accessible, exposing sensitive personal and financial details for millions of customers. UpGuard researcher Chris Vickery located an AWS S3 bucket under the subdomain dj-skynet on May 30, 2017; Dow Jones secured the repository on June 6 after notification. Exposed material included names, addresses, account identifiers, login emails, the last four digits of credit cards, and 1.6 million entries tied to Dow Jones Risk and Compliance products, illustrating the dangers of cloud misconfiguration.

🔓 A publicly accessible rsync repository tied to Blue Chair LLC subsidiaries, including Target Direct Marketing and Gragg Advertising, exposed backups and web configuration files containing personally identifiable information for over one million people. The leak included MySQL backups (≈5 GB) with a peg_historical table listing names, addresses, emails, phone numbers and education details. Gragg Advertising moved quickly after notification and secured the service within an hour, but the incident underscores risks from misconfigured rsync services and weak data retention practices.