
Data Breach at Ravkoo, a US-Based Online Pharmacy, Linked to an AWS Portal Glitch

 

Ravkoo, an online prescription filling service, suffered a data breach, exposing health and other sensitive information. The company's prescription interface is hosted by Amazon Web Services (AWS). 

A security incident affected the specific instance that stored prescription information, leaving that information easily accessible. The unauthorized access occurred in September 2021, and the Ravkoo security team discovered it in October of that year.

On January 3rd, 2022, around 150,000 potentially affected customers received breach notification letters. At the time of its public statement, Ravkoo had found no reason to believe the exposed data was being circulated or used for malicious purposes, but that could change. The FBI and other authorities have been notified, and they are working with Ravkoo to investigate the incident further and determine who may be responsible.

"Ravkoo has no indication that any of your personal information has been or will be exploited as a result of this occurrence at this time. Nonetheless, out of an abundance of caution, Ravkoo chose to alert you about this incident," said Alpesh Patel, the online pharmacy's CEO. The company says it has not received any reports of identity theft relating to the data breach since September 27, the date of the incident. Ravkoo also claims to have reported the event to the appropriate authorities and to be working with forensic experts to examine the issue and improve its security posture. The hacker also provided records of 340,000 prescriptions written by Ravkoo between November 3, 2020, and September 11, 2021, totaling $8.5 million in medication costs, according to Micah Lee of The Intercept.

Ravkoo is offering identity monitoring services to users who may have been affected by the breach. The scope of the exposed data has not been released; however, concerned parties should report any unlawful activity they see. Health information can be sold and exploited to commit medical identity theft, as we discussed earlier this week. For those whose information is used unlawfully, this can result in a variety of problems. Following an incident like this, it's critical to remain vigilant.

US Soldiers Exposed Information About the Nuclear Weapons Stockpile

 

According to a new report, U.S. soldiers stationed at several bases in Europe accidentally revealed confidential data connected to America's nuclear weapons arsenal while using inadequately secured flashcard apps to memorize those secrets. 

The soldiers accidentally revealed “not just the bases” where the nukes were stored, but also “the exact shelters with ‘hot’ vaults that likely contain nuclear weapons,” writes Foeke Postma, a researcher with the OSINT-focused investigative team Bellingcat, in what appears to be a mind-boggling mishandling of America's most sensitive national security information. They also exposed a slew of other information, including secret codes, passwords, and security layouts at various locations.

According to Postma's investigation, the troops utilized common study apps like Chegg, Cram, and Quizlet to save highly classified data on European nuclear bases, then forgot to change the applications' settings from public to private. 

Some of the same soldiers allegedly made their usernames public, which “included the full identities of the persons who established them,” and used the same images they had on their LinkedIn pages, making them easier to track down. 

Postma says he was able to find much of this information by Googling official terms and acronyms related to US nuclear weapons development. When he did, he discovered a set of 70 public-facing flashcards titled "Study!" that disclosed details on the alleged nuclear inventory at Volkel Air Base in the Netherlands (a long-rumored locale of a U.S. nuke stockpile). Postma further alleges that subsequent open-source searches uncovered more flashcard caches, which revealed “details about vaults at all the other facilities in Europe that supposedly host nuclear weapons.”

"Some flashcards detailed the number of security cameras and their positions at various bases, information on sensors and radar systems, the unique identifiers of restricted area badges (RAB) for Incirlik, Volkel, and Aviano as well as secret duress words and the type of equipment carried by response forces protecting bases," Postma said. 

“The scale to which soldiers have uploaded and inadvertently shared security details represents a massive operational security failure,” said Postma. “Due to the potential implications around public safety, Bellingcat contacted NATO, US European Command (EUCOM), the US Department of Defence (DoD), and the Dutch Ministry of Defence (MoD) four weeks in advance.” The flashcards linked to these disclosures have been taken down since then, according to Postma.

643GB of Customer Information Exposed in a Data Breach Suffered by Bizongo

 

Data fraud has been rising rapidly of late, and data breaches are a matter of serious concern for data applications in all aspects of life. In recent days, a few Indian start-ups have suffered several data breaches.

Against that backdrop, the Website Planet Security Team discovered an alarming data breach at Bizongo, a packaging procurement company and digital platform located in Mumbai, India. At the end of December 2020, the team identified a misconfigured bucket belonging to Bizongo that left highly confidential data potentially exposed to hackers and other unauthorized parties. Due to the complexity of the breach, more than a thousand organizations and hundreds of thousands of people could be affected.

Bizongo primarily serves Indian firms, and there is no indication that its operations extend beyond Indian borders. However, its website domain has recently been changed to '.com', which suggests that international companies could become part of Bizongo's customer base.

Bizongo is an online packaging marketplace with more than 400 customers across multiple sectors and over 860 million packages shipped to date. Customers use its Business to Business (B2B) supply chain and vendor management systems, and Bizongo exposed almost 2.5 million data files (643GB) containing names, addresses, billing numbers, and customer payment information. Amazon, Flipkart, Myntra, Swiggy and Zomato are among its most prominent customers.

A misconfigured Amazon Web Services (AWS) S3 bucket operated by Bizongo was the cause of the data leak, according to the Website Planet security team. The bucket held two kinds of files: customer bills and shipping labels.

In a blog post, Website Planet wrote, “With clear examples of branded shipping labels and customer receipts, finding the owner of the breached database was reasonably straightforward. All of the exposed data was identified as accurate, with the data belonging to real individuals.”

The exact period during which this data wasn’t secured is currently unclear. The team nevertheless noted that the breach was detected and recorded on 30 December 2020. Although Bizongo never responded to the breach report, the Website Planet security staff revisited the bucket on 8 January 2021, by which time the breach had been closed.

Although Indian data security legislation has not yet come into force, Bizongo remains guilty of mishandling personal data. Affected individuals have a legitimate right to pursue civil proceedings and compensation.

Any Indian company or packaging provider using the Bizongo platform may also be affected by this breach. Concerned parties should ask Bizongo directly for further clarification about their data and this breach, since they cannot be sure whether malicious attackers and fraudsters accessed the unsecured data. The leaked information is likely to have been discovered, so users should be mindful of a variety of risks.

“We take data security very seriously and implement best security practices to keep our and our customer data secure. We have taken strong measures to prevent such accidental misconfiguration from happening in the future,” Bizongo added.