Data Security, Cloud Security

Misconfiguration prompts extensive IMDataCenter record leak

(Adobe Stock)

Hackread reports that Florida-based data solutions provider IMDataCenter had 10,820 records belonging to individual and corporate clients inadvertently exposed by an unsecured AWS bucket.

Information part of the misconfigured 38 GB database included more than 260 million individuals' names, physical addresses, and phone numbers, as well as 600 million email addresses, according to an analysis by cybersecurity researcher Jeremiah Fowler published on Website Planet. "With each CSV document containing the data of thousands of individuals, it is difficult to calculate the total number of those who may have potentially had their data exposed," said Fowler, who noted that the database had been immediately secure following disclosure. Such a development comes after IMDataCenter's AWS bucket with almost 40 GB of data was claimed to have been infiltrated by BreachForum user ThinkingOne. In communications with Hackread, ThinkingOne noted inaction from the end of IMDataCenter following initial notification, prompting them to download all data that included 37 million phone numbers and 20 million email addresses, as well as a smaller number of Social Security numbers.

An In-Depth Guide to Cloud Security

Get essential knowledge and practical strategies to fortify your cloud security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds