All news with #security misconfiguration tag

🔒 UpGuard researchers discovered a publicly accessible MongoDB database belonging to Neoclinical, exposing profiles for 37,170 users in Australia and New Zealand. Records included names, contact details, geocoordinates, dates of birth and structured health-screening answers that revealed diagnoses and treatments. UpGuard notified the company and AWS; access was removed on July 26. The exposure underscores the need for proper access controls and rapid incident response.

🔒 UpGuard discovered a publicly accessible rsync repository tied to Cohen Bergman Klepper Romano Mds PC that exposed records for more than 42,000 patients and over three million medical notes. The exposed data included patient and physician names, Social Security numbers, dates of birth, phone numbers, email and insurance information, along with an Outlook .pst and a virtual hard drive containing staff home addresses and family details. UpGuard notified the affected parties and Accenture, and the repository was secured after follow-up, underscoring failures in basic access controls and the need for faster remediation.

🔓 The UpGuard Cyber Risk Team discovered a publicly accessible Amazon S3 bucket that contained detailed configuration spreadsheets appearing to describe GoDaddy infrastructure running in the AWS cloud. The files included over 24,000 hostnames and 41 configuration fields per system, plus modeled financials and apparent AWS discounting—information useful for targeted attacks or competitive intelligence. GoDaddy closed the exposure after notification; no credentials were found, but the incident highlights the severe consequences of cloud misconfiguration at scale.

🔓 A publicly accessible rsync repository tied to Blue Chair LLC subsidiaries, including Target Direct Marketing and Gragg Advertising, exposed backups and web configuration files containing personally identifiable information for over one million people. The leak included MySQL backups (≈5 GB) with a peg_historical table listing names, addresses, emails, phone numbers and education details. Gragg Advertising moved quickly after notification and secured the service within an hour, but the incident underscores risks from misconfigured rsync services and weak data retention practices.

🔒 A cloud-based file repository owned by Dow Jones & Company was discovered publicly accessible, exposing sensitive personal and financial details for millions of customers. UpGuard researcher Chris Vickery located an AWS S3 bucket under the subdomain dj-skynet on May 30, 2017; Dow Jones secured the repository on June 6 after notification. Exposed material included names, addresses, account identifiers, login emails, the last four digits of credit cards, and 1.6 million entries tied to Dow Jones Risk and Compliance products, illustrating the dangers of cloud misconfiguration.

🔒UpGuard discovered and secured a publicly accessible rsync server holding roughly three terabytes and millions of files belonging to the Oklahoma Department of Securities. The exposed content included personal records, large email archives, virtual machine images, investigative files, and administrative credentials that threatened the agency’s network integrity. UpGuard notified state personnel and public access was removed on December 8, 2018.

🔓 UpGuard's Cyber Risk Team discovered an exposed rsync repository tied to subsidiaries of Blue Chair LLC, including Target Direct Marketing, that revealed PII for over one million individuals seeking higher education information. The publicly accessible server included daily MySQL backups and website files, with names, emails, phone numbers and education-related lead fields. The exposure resulted from an rsync misconfiguration and highlights the need for strong vendor risk controls, data retention policies and restricted backup access.

🔓 UpGuard's Data Breach Research team discovered and secured a publicly accessible rsync storage server containing data belonging to the Oklahoma Department of Securities. The exposure included approximately 3 TB and millions of files spanning 1986–2016, including email archives, virtual machine images, system credentials, and personal records. UpGuard identified the host via Shodan, notified state officials, and public access was removed the same day.

🔓 UpGuard Research discovered an unsecured Amazon S3 bucket containing a broad compilation of consumer data attributed to Tetrad, including blended sources such as Experian Mosaic and Claritas/Nielsen's PRIZM. Three large Mosaic files alone contained names, genders, addresses, and segment codes covering roughly 120–130 million households. The bucket also held retailer clientfiles with loyalty and transaction records from brands like Chipotle, Kate Spade, and Bevmo. After notification, Tetrad removed public access once the misconfiguration was identified.

🏥 UpGuard discovered an open Amazon S3 bucket operated by Medico Inc. that exposed nearly 14,000 files (~1.7 GB), including medical records, explanations of benefits, legal documents, and financial PII such as SSNs and bank account details. The bucket was identified on June 20, 2019 and secured within hours after notification. Exposed items also included internal spreadsheets containing account credentials and passwords, plus scanned checks and unredacted treatment notes. The incident highlights common cloud misconfigurations and the need for stronger vendor controls and data-handling processes.

⚠️ UpGuard discovered a public rsync repository exposing data from Power Quality Engineering (PQE), including client inspection reports, infrared imagery and plaintext internal passwords. The July 2017 exposure allowed downloads of hundreds of gigabytes via port 873 and revealed schematics for clients such as Dell, Oracle, Texas Instruments, and the City of Austin, including a SCIF layout. PQE secured the server after notification; the incident highlights the large risk of simple misconfigurations and third‑party vendor failures.