Tuesday, March 9, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Privacy

Unprotected Government Server Exposes Years of FBI Investigations

January 17, 2019
in Internet Privacy
Unprotected Government Server Exposes Years of FBI Investigations
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Credit: The Hacker News

A massive government data belonging to the Oklahoma Department of Securities (ODS) was left unsecured on a storage server for at least a week, exposing a whopping 3 terabytes of data containing millions of sensitive files.

You might also like

Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks

Microsoft Exchange Cyber Attack — What Do We Know So Far?

Iranian Hackers Using Remote Utilities Software to Spy On Its Targets

The unsecured storage server, discovered by Greg Pollock, a researcher with cybersecurity firm UpGuard, also contained decades worth of confidential case files from the Oklahoma Securities Commission and many sensitive FBI investigations—all wide open and accessible to anyone without any password.

Other severe files exposed included emails, social security numbers, names, and addresses of 10,000 brokers, credentials for remote access to ODS workstations, and communications meant for the Oklahoma Securities Commission, along with a list of identifiable information related to AIDS patients.

While the researcher doesn’t know exactly how long the server was open to the public, the Shodan search engine revealed that the server had been publicly open since at least November 30, 2018, almost a week after (on December 7) Pollock discovered it.

The UpGuard research team notified the ODS department the next day, and the state agency removed ‘public access’ to the unsecured pathway immediately after they were notified, though it is still unclear whether anyone else accessed the unsecured server.

database leaked download

According to the security firm, such exposure could have a “severe impact” on the department’s network integrity.

“By the best available measures of the files’ contents and metadata, the data was generated over decades, with the oldest data originating in 1986 and the most recent modified in 2016,” a blog post published on the UpGuard website reads.

“The data was exposed via an unsecured rsync service at an IP address registered to the Oklahoma Office of Management and Enterprise Services, allowing any user from any IP address to download all the files stored on the server.”

The firm also found passwords that could have allowed hackers to remotely access the state agency’s workstations, and a spreadsheet containing login information and passwords for several internet services, including popular antivirus software.

In response to the incident, the Oklahoma Securities Commission said in a press release published Wednesday that an “accidental vulnerability” of limited duration was discovered and immediately secured in the server and that the department is taking the issue seriously and ordered a forensic investigation.

Oklahoma Securities Commission data leakage

“The Oklahoma Department of Securities (ODS) has initiated a comprehensive review of the circumstances surrounding an incident involving the inadvertent exposure of information during installation of a firewall,” the Commission added.

“The ODS has notified law enforcement and OMES regarding the incident. A forensic team is currently conducting an analysis to determine the type and number of data files that may have been exposed and who may have accessed them.”

The Commission also said the department is also exploring remedial actions and notifications for anyone whose information may have been exposed, and reviewing internal procedures, controls and security measures to ensure such incidents can’t occur in the future.


Credit: The Hacker News By: noreply@blogger.com (Swati Khandelwal)

Previous Post

The Semi-Paired Problem In Machine Learning

Next Post

Hackers breach and steal data from South Korea's Defense Ministry

Related Posts

Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks
Internet Privacy

Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks

March 9, 2021
Microsoft Exchange Cyber Attack — What Do We Know So Far?
Internet Privacy

Microsoft Exchange Cyber Attack — What Do We Know So Far?

March 9, 2021
Iranian Hackers Using Remote Utilities Software to Spy On Its Targets
Internet Privacy

Iranian Hackers Using Remote Utilities Software to Spy On Its Targets

March 8, 2021
Researchers Find 3 New Malware Strains Used by SolarWinds Hackers
Internet Privacy

Researchers Find 3 New Malware Strains Used by SolarWinds Hackers

March 6, 2021
Bug in Apple’s Find My Feature Could’ve Exposed Users’ Location Histories
Internet Privacy

Bug in Apple’s Find My Feature Could’ve Exposed Users’ Location Histories

March 6, 2021
Next Post
Hackers breach and steal data from South Korea’s Defense Ministry

Hackers breach and steal data from South Korea's Defense Ministry

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks
Internet Security

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks

March 9, 2021
Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks
Internet Privacy

Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks

March 9, 2021
How to Begin Using DevSecOps for your Team
Data Science

How to Begin Using DevSecOps for your Team

March 9, 2021
Algorithm helps artificial intelligence systems dodge ‘adversarial’ inputs
Machine Learning

Algorithm helps artificial intelligence systems dodge ‘adversarial’ inputs

March 9, 2021
Why Use Python for AI and Machine Learning? | by BoTreeTechnologies | Mar, 2021
Neural Networks

Why Use Python for AI and Machine Learning? | by BoTreeTechnologies | Mar, 2021

March 9, 2021
Podcasts for marketers and Google’s stance on tracking: Monday’s daily brief
Digital Marketing

Podcasts for marketers and Google’s stance on tracking: Monday’s daily brief

March 9, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks March 9, 2021
  • Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks March 9, 2021
  • How to Begin Using DevSecOps for your Team March 9, 2021
  • Algorithm helps artificial intelligence systems dodge ‘adversarial’ inputs March 9, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates