Friday, October 15, 2021

Over 80 US Municipalities data are exposed due to Misconfigured Amazon S3

Must Read

NimzaLoader malware was written Nim Programming Language to be less detected

NimzaLoader malware is unusual because it's written in a programming language rarely used by cybercriminals - which could make...

Researchers: Hackers Easily Bypass Google reCAPTCHA With Google’s Speech-to-Text API

A three-year-old attack technique to bypass Google's audio reCAPTCHA by using its own Speech-to-Text API has been found to...

Nine cyber Offenders arrested in a police raid

Throughout the constant action being taken by the authorities to preventing cybercrime, the authorities obtained a major success last...

A team of Cybersecurity researchers at Wizcase found major data exposure of Over 80 US Municipalities due to the Misconfigured Amazon S3 Bucket.

This happened because all of them using the same web service provider aimed at municipalities. This breach compromised citizens’ physical addresses, phone numbers, IDs, tax documents, and more. 

Due to the large number and different types of unique documents, it is difficult to estimate the number of persons exposed to this Breach. It was not necessary to have a password or login credentials to access this information, and the data was unencrypted.

More than a hundred American cities seemed to use the same product, mapsonline.net, provided by an American firm called PeopleGIS. Data from these municipalities was stored in multiple incorrectly configured Amazon S3 buckets that shared naming conventions similar to MapsOnline.  For this reason, we believe those cities use the same software solution.

PeopleGIS is a Massachusetts-based company specializing in information management software. Many city municipalities in the state of Massachusetts and a few in surrounding states like Connecticut and New Hampshire use their software and platforms to manage a variety of data.

This means there are 3 options:

  • PeopleGIS created and handed over the buckets to their customers (all municipalities), and some of them made sure these were properly configured;
  • The buckets were created and configured by different employees at PeopleGIS, and there were no clear guidelines regarding the configuration of these buckets;
  • The Municipalities created the buckets themselves, with PeopleGIS guidelines about the naming format but without any guidelines regarding the configuration, which would explain the difference between the municipalities whose employees knew about it or not.

More than 80 incorrectly configured Amazon S3 buckets containing data on these municipalities, totaling more than 1,000 GB of data and more than 1.6 million files. The type of files exposed varied by municipality. In This Breach, there was no way to provide a clear estimate of the number of people left vulnerable in this breach.

The type of documents exposed includes business licenses, residential records such as deeds, tax information, and resumes for applicants to government jobs. The information exposed in the breach include:

  • Email address
  • Physical address
  • Phone number
  • Drivers license number
  • Real estate tax information
  • Photographs of individuals (on drivers licenses)
  • Photographs of properties
  • Building and city plans

The breach could lead to massive fraud and theft from citizens of those municipalities. The highly sensitive nature of the data contained in the local government database, from telephone numbers to business licenses to tax records, is highly susceptible to exploitation by threat actors.

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This