Blog
Share This Post
[ad_1]
Cybernews reports that Indian fintech firm FatakPay had more than 27 million files with Know Your Customer documents and other sensitive loan application information compromised by an unsecured Amazon AWS S3 bucket.
Data included in the misconfigured S3 bucket — which was identified in September, disclosed in October, and secured earlier this month — included individuals’ full names, home addresses, phone numbers, email addresses, loan agreements and applications, national ID copies, account statements, selfies, PAN and Aadhar identifiers, and credit score reports, according to Cybernews researchers.
Such information exposed by the misconfiguration was noted by researchers to not only be potentially weaponized in identity theft that could jeopardize the credit scores of India-based individuals but also in phishing attacks that involve the spoofing of banks and other legitimate organizations to compromise additional sensitive data. Threat actors could also leverage the leaked home addresses to dox targets for burglary, harassment, or stalking purposes, researchers added.
Get essential knowledge and practical strategies to fortify your cloud security.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
