Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Unsecured AWS bucket exposes over 750,000 birth certificate applications

A massive data leak made the headlines, over 750,000 birth certificate applications have been exposed online due to an unsecured AWS bucket. Penetration testing firm Fidus Information Security discovered over 752,000 birth certificate applications that have been exposed online due to an unsecured AWS bucket.  The huge trove of personal data has been exposed online by […]

AWS Bucket

A massive data leak made the headlines, over 750,000 birth certificate applications have been exposed online due to an unsecured AWS bucket.

Penetration testing firm Fidus Information Security discovered over 752,000 birth certificate applications that have been exposed online due to an unsecured AWS bucket. 

The huge trove of personal data has been exposed online by an unnamed company that allows its customers to get copies of their birth and death records from state governments in the United States.

“More than 752,000 applications for copies of birth certificates were found on an Amazon Web Services (AWS) storage bucket. (The bucket also had 90,400 death certificate applications, but these could not be accessed or downloaded.)” reads the post published by TechCrunch. “The bucket wasn’t protected with a password, allowing anyone who knew the easy-to-guess web address access to the data.”

The bucket also contained 90,400 death certificate applications, that anyway could not be accessed.

The exposed records include name, date of birth, current home address, email and phone number, names of family members, historical information (i.e. addresses), or the reason behind applying for the documents.

The content of the AWS bucket was updating daily, in just one week, the unnamed company owning the application added about 9,000 applications to the bucket. The applications dated back to late-2017, TechCrunch verified the authenticity of the data.

Fidus and TechCrunch attempted to contact the company via email prior to publication without success, they also informed Amazon that said it would inform the customer.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – AWS Bucket, birth certificate)

[adrotate banner=”5″]

[adrotate banner=”13″]