111GB of Customer Information from National Credit Federation Left Exposed
Through unsecured AWS bucket
By Jean Jacques Maleval | December 1, 2017 at 2:34 pmTo read this article from UpGuard, click on:
Credit Crunch: Detailed Financial Histories Exposed for Thousands
Coming only months after the revelation that the personal information of over 143 million Americans had been stolen from the systems of credit agency Equifax, the UpGuard Cyber Risk Team has discovered a new, damaging exposure from within a financial firm, which, beyond revealing critical internal data, also exposes customer information compiled by all three major credit agencies. This highly concentrated level of exposure, thoroughly revealing customer credit history several times over, serves to highlight the myriad dangers a single exposure can unleash.
111GB of internal customer information from National Credit Federation, a Tampa, Florida-based credit repair service, was left exposed in a publicly downloadable data repository, revealing to the public internet sensitive personal and financial information for tens of thousands of customers. Exposed among the leaked files were such sensitive documents and details as customer names, addresses, dates of birth, driver’s license and Social Security card images, credit reports from all three major agencies, personalized credit blueprints containing detailed financial histories, and full credit card and bank account numbers.