Researchers at vpnMentor have shared news about a recent data leak which exposed 425 GB in sensitive financial documents. The research team, led by Noam Rotem, uncovered an open database on an app developed by Advantage Capital Funding and Argus Capital Funding. The app, which is now no longer available for download, stored data on an AWS S3 bucket database which apparently did not employ any form of encryptions, authentication, or access credentials. The consequence was that over 500,000 documents were left vulnerable on the unprotected server and included credit reports, bank statements, contracts, legal documents, driver’s license copies, purchase orders and receipts, tax returns, Social Security information and transaction reports.
Source: Digital Journal
