Cybersecurity researchers have found an inconvenient Amazon S3 bucket that explained personally identifiable information (PIIs) of more than three million US seniors.
Discovered by researchers in Wizcase, the cloud storage bucket belonged to Senioradvisor, which describes itself as the greatest notation and criticisms on the website of the Senior Care and Services of the United States and Canada.
The poorly configured bucket contained more than 180 GB of data, exposing the names and coordinates of more than three million individuals.
“The improperly configured Amazon S3 buckets are frequent and these highlights that site owners are clearly not aware of the magnitude of this vulnerability, particularly when the data is undrichly, indicating potentially catastrophic results. These S3 buckets allow people to configure them, but notoriously, people weaken or even bypass integrated security for a variety of reasons, which make them vulnerable, “Opine Jake Moore, Cybersecurity specialist in ESET.
Wizcase tense in Sorganedevice and the company has since secured the bucket.
Mature for fraud
Describing their discovery, researchers note that the S3 bucket was accessible to anyone on the Internet and that the information inside, they were not encrypted.
According to their analysis, the majority of the data exposed were in the form of prospects and included the contact details of potential customers that the WizCase assumes was targeted via various emails or telephony campaigns.
The information also listed the dates that users were contacted from 2002 to 2013, although the files themselves are 2017 timestamps.
In addition to the PIIs, Wizcase also discovered about two thousand comments that were cleaned from the user details. However, all critics have had a main identification, which could be used to eliminate the details of users without much effort.
Citing an FTC report, Wizcase submits that people from the age group from 60 to 69 have lost $ 600 per scam on average, and the number increased to $ 1700 per scam average for people in the age group 80-89 years old.
In particular, the report revealed that the elderly were more likely to fall for a wide variety of scams, including technical support scams, price scams / drawing, online scams and telephone scams; Everything that could be perpetrated with the help of the PII in the leakage database.
