1. Forum
  2. tqw
  3. TQW GENTECH

  • Learner driver data exposed in worrying breach - thousands affect

    From TechnologyDaily@1337:1/100 to All on Wednesday, October 30, 2024 20:30:05
    Learner driver data exposed in worrying breach - thousands affected

    Date:
    Wed, 30 Oct 2024 20:26:00 +0000

    Description:
    A Brazilian driving school kept an unprotected database online, exposing hundreds of thousands of people.

    FULL STORY ======================================================================

    A major Brazilian driving school appears to have exposed the sensitive information of up to 400,000 individuals after failing to properly secure a cloud database .

    Researchers from Cybernews claim to have found an unprotected Google Cloud Storage bucket containing information about Brazilian Learners Driving
    permits - Licena De Aprendizagem De Direo Veicular.

    The learner permit is a document that the Brazilian government issues to people currently attending driving lessons, allowing them to drive a vehicle during lessons. Cybernews says the archive is most likely owned by a driving school from Sao Paulo, called Centro de Formao de Condutores Free Alda. Still available

    Most of the exposed data carries a Detran insignia - which stands for State Department of Traffic (Departamento Estadual de Trnsito).

    The researchers believe that up to 400,000 individuals have had sensitive
    data exposed this way, including full names, photographs, postal addresses, government ID numbers, taxpayers numbers, details about the driving permit, including issue date and validity period, signatures, IP addresses, and user phone models. This is more than enough to run all sorts of cybercrime, from identity theft to wire fraud.

    The pros think the archive was either misconfigured, or not properly secured. It is impossible to determine for how long it remained open, or if anyone accessed it before they found it. The Cybernews team says they made the discovery on June 2, and that the school was subsequently contacted by
    Brazils CERT. However, as late as September 19, the archive was still open to anyone who knew where to look.

    The exposed data could be exploited by malicious actors for identity theft, fraud, or other illegal activities. Moreover, a breach of this type can undermine public trust in governmental agencies responsible for managing and protecting sensitive personal information, Cybernews researchers said. More from TechRadar Pro Mystery database containing sensitive info on 762,000 car-owners discovered by researchers Here's a list of the best firewalls
    today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/learner-driver-data-exposed-in-worrying -breach-thousands-affected


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)