"An unencrypted, non-password-protected database was discovered by Cybersecurity Researcher Jeremiah Fowler, appearing to contain records from ClaimPix, an auto insurance claim filing and management platform. According to the researcher, the exposed database contained 5.1 million files, totaled at 10 TB of data. While it is unknown how long the database was exposed or if malicious actors gained access, insurance organizations are attractive targets for cybercriminals ; if the data was accessed, it could lead to cyber risks such as:"
""Thank you for alerting us to the security issues that you mentioned. We have investigated and confirmed your findings. We wanted to respond to you with a plan after we had time to identify the issue and also begin steps to remediate it. We have updated policies and our code to address this issue and will be making those changes live later this evening.""
An unencrypted, non-password-protected database contained records from ClaimPix, an auto insurance claim filing and management platform. The exposed dataset included roughly 5.1 million files totaling about 10 TB. It is unknown how long the database was exposed or whether malicious actors accessed the records. Exposed personally identifiable information included names, physical addresses, emails, and phone numbers. Registration documents revealed vehicle details such as year, make, model, and VIN. Approximately 16,000 powers of attorney documents and internal documents, including software license agreements, were also exposed. A responsible disclosure prompted confirmation of findings and planned remediation with policy and code updates.
Read at Securitymagazine
Unable to calculate read time
Collection
[
|
...
]