The Amber Group data breach issue saw over 425,000 immigration documents containing traveler names, dates of birth, and passport numbers, as well as 440,000 images of travelers’ signatures. This happened in relation to the JamCOVID19 website and app.
Also exposed on the server were 1.1 million required “check-in” videos recorded by travelers staying outside Jamaica’s “resilient corridor,” which were used by the Ministry of Health to track travelers and ensure they did not leave the area during their stay. The server is now secured, but there is no information on how long it was open for. Many people had uploaded their COVID-19 results through the Visit Jamaica website before their travel.
Looking into the serious matter for Digital Journal is Anurag Kahol, CTO and co-founder of Bitglass.
Kahol explains why the data breach was caused by an elementary error: “Leaving a cloud storage server exposed without any authentication controls in place is an easily preventable security failure, but is still a common occurrence among many organizations today. Although the server in this instance was secured shortly after discovery, it is unknown how long the information was exposed or if a third party obtained access to the data.”
The data is also of use to hackers, Kahol contends: “The compromised personally identifiable information (PII) in this incident was highly valuable data that criminals could either sell on the dark web for profit or use for identity theft and phishing schemes.”
As to what is to be done?, Kahol recommends: “Government institutions handling PII must prioritize the safety of their travelers and citizens. To prevent similar cloud security lapses in the future, they can begin with the simple implementation of a password, then equip themselves with technologies like data loss prevention (DLP), multi-factor authentication (MFA), user and entity behavior analytics (UEBA), and, of particular importance for this kind of issue, cloud security posture management (CSPM). These security technologies can ensure full visibility and control over cloud resources and the sensitive data therein.”
