The latest incident was identified by ethical researchers at WizCase, who discovered a massive data leak that belonging to FBS, which is a Cyprus-based online trading broker. FBS is a popular site, and one used by millions of traders in over 190 countries.
The leak included sensitive personally identifiable data, together with financial records, government documents, and potentially some passwords in plaintext form. Other data included files uploaded by users for their verification including personal photos, identity cards, driving licenses, birth certificates, bank account statements, utility bills, and even credit card statements.
The data exposure lasted for at least a few days before FBS responded to WizCase’s report and secured the ElasticSearch server that was left open to access by anyone due to a misconfiguration.
According to the impacted company, FBS: “It in no way reflects the number of users. One service generates hundreds of records on every execution and each user calls dozens of services. Thus, total amount of logs and the number of records have no connection to the number of users or user-related records”.
Looking at the matter for Digital Journal is Pravin Rasiah, who is the Vice President of Product, CloudSphere.
Rasiah outlines the significance of this latest cyber-issue: “A data leak of this size is big trouble for the customersd. As reported by the researchers, the details exposed here may result in some customers being targeted at their home address, especially those whose transactions indicate significant wealth.”
Furthermore, the issue means that “cybercriminals can take the exposed information and pretend to be the user and commit account takeover and fraud or launch targeted phishing attacks.”
Other organizations should take note, says Rasiah. Indeed, “for any businesses housing sensitive information in their servers, security governance guardrails are a necessity.” This does not appear to have been the case in this latest incident.
Rasiah explains that “without proper governance strategies in place, a simple change in policy or update could result in a server becoming exposed, inviting threat actors to take a look.”
In terms of the best preventative action to consider, Rasiah recommends: “A cloud management platform with complete visibility into the cloud landscape and real-time security posture monitoring is the best way to ensure these gaps are remediated in a timely manner.”
