Skip to main content

State agency exposes 3TB of data, including FBI info and remote logins

posted onJanuary 21, 2019
by l33tdawg
Naked Security
Credit: Naked Security

Oklahoma’s Department of Securities (ODS) exposed three terabytes of files in plain text on the public internet this month, which contained sensitive data including social security numbers, details of FBI investigations, credentials for remote access to computers, and the names of AIDS patients.

Researchers at security company UpGuard found the files using the Shodan search engine, which indexes internet-connected devices. In this case, they ran across an unsecured rsync server registered to ODS.

Rsync is a utility commonly found on Unix and Linux systems that enables administrators to synchronize files between different computers. It is used for ‘delta’ syncing, in which one computer copies to another only the parts of files that have changed, enabling them to maintain identical copies of the files in different locations.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th