South Carolina-based Rainwalk Pet Insurance had 158 GB of data belonging to customers and their pets leaked by an unsecured database, according to HackRead.
Included in the misconfigured database were more than 85,000 files with owners' names, phone numbers, physical and email addresses, and partial credit card numbers, as well as their pets' names, breeds, microchip numbers, and medical history, noted an analysis by cybersecurity researcher Jeremiah Fowler published on Website Planet.
Rainwalk was reported by Fowler to have waited almost a month after his notification to secure the exposed database. Such an inadvertent database leak poses significant privacy and financial threats, with threat actors potentially making fraudulent insurance claims or conducting scams claiming the expiration of pets' microchips. Attackers could also create phony invoices or intercept refunds for customers through Venmo.
More robust encryption and access controls should be adopted by pet insurance firms to ensure the security of their customers' and pets' data, said Fowler.
Included in the misconfigured database were more than 85,000 files with owners' names, phone numbers, physical and email addresses, and partial credit card numbers, as well as their pets' names, breeds, microchip numbers, and medical history, noted an analysis by cybersecurity researcher Jeremiah Fowler published on Website Planet.
Rainwalk was reported by Fowler to have waited almost a month after his notification to secure the exposed database. Such an inadvertent database leak poses significant privacy and financial threats, with threat actors potentially making fraudulent insurance claims or conducting scams claiming the expiration of pets' microchips. Attackers could also create phony invoices or intercept refunds for customers through Venmo.
More robust encryption and access controls should be adopted by pet insurance firms to ensure the security of their customers' and pets' data, said Fowler.




