Data Security

Misconfiguration prompts massive Claimpix data leak

concept of leaky software, data with a tap sticking out.3d illustration

Illinois-based auto insurance claims management platform ClaimPix had more than 5.1 million files exposed by an unsecured database, according to HackRead.

Aside from containing insurance files with customers' personally identifiable information, official vehicle registrations, repair invoices, and photos of damaged vehicles, the 10.7 TB data trove also included nearly 16,000 Power of Attorney documents with electronic signatures and IP addresses, as well as confidential software license deals and other internal ClaimPix files, noted an analysis by cybersecurity researcher Jeremiah Fowler published on Website Planet.

Such extensive data exposure could be harnessed by threat actors to facilitate not only identity theft and financial crimes but also vehicle cloning, said Fowler. Additional details regarding the management of the database or the duration of its exposure remain uncertain.

However, Fowler's disclosure has led ClaimPix to promptly secure the misconfigured database, with the firm already implementing updated policies and code to ensure the security of stored information.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds