20 000 Scottrade Bank users‘ data published online
Personal privacy is a highly sensitive issue for every Internet user. Constant warnings from the IT experts to take extra measures from ransomware attack. Amid this mood in the virtual space, Scottrade Bank accidentally exposed 20 000 users data online[1]. While it is common sense to associate every data breach accident with hackers and felons, for your surprise, this incident which is estimated to have a primary effect on 20 000 users was caused by a technical error rather than organized cyber attack[2]. The accident which might be soon dubbed as “the fail of the day” exposed account passwords, full names, addresses and social security credentials. Who’s to blame for such outrageous data breach?
The very incident took place when Genpact, IT services provider, left the folder with confidential information unprotected during the upload process to an Amazon-hosted process. Fortunately, such data “package” was spotted by Chris Vickery, a well-known security expert. The folder encompassed 158,9GB Microsoft SQL database. It seems that minor errors in SQL configuration may have lead to the major data leak. Fortunately, since the incident has been reported, the data is no longer accessible. Interestingly, the reputation of Scottrade Bank tarnished in the past already. The data breach which occurred on October 2015 resulted in 4,6 million users’ data exposure. At that time, the company’s representative provided little information on who or what caused the data leak.
Such data leaks seem to be rather a frequent phenomenon rather than a rarity. Several major data leak cases have reverberated already. In the case of data leak involving UK’s mobile company’s data leak cases. At that time, clients of Three Mobile, UK’s telecommunication company, could access confidential data of another user[3]. Another UK’s loan company Wonga has reported that the recent data leak might have affected more than 270 000 customers[4]. The name of the well-known company does not reassure the fact that the data monitored by them is always safe and well-protected[5]. In contrast to this case, when data breach was merely the outcome of a technical issue, hackers are often the main culprit for data leaks. While the confidentiality of your data greatly depends on the companies cyber security and protection measures, you should retain vigilance. Despite whether your preferred bank company has not experienced any data breach yet, change the passwords of your accounts every few months. Think of a delicately phrase and do not employ the same for several accounts.
Julie Splinters is the News Editor of 2-spyware. Her bachelor was English Philology.
- ^ Pierluigi Paganini. Scottrade Bank confirmed that a technical incident has exposed 20,000 customer records. a 60GB MSSQL database was accidentally left open online.. Security Affairs. Read, think, share...
- ^ David Bisson. Scottrade Confirms Third-Party Data Breach Exposed 20,000 Customers’ Private Data. TripWire. The state of security.
- ^ Three UK’s Mobile Customers Experience New Data Breach. InformationSecurityBuzz.
- ^ Nadine Freischlad. Go-Jek’s app has major data leaks, claims security firm. Go-Jek says they’re fixed.. TechInAsia. Connecting Asia' startup ecosystem.
- ^ DavidBisson. Wonga Says Incident May Have Compromised Customers’ Personal Data. Tripwire. News. trends. Inisghts.
