Another day, another data breach, but in this instance a huge trove of government data was exposed.
Oklahoma Securities Commission
Three terabytes of unprotected data from the Oklahoma Securities Commission were discovered by an UpGuard security researcher, Greg Pollock. Millions of files on many sensitive FBI investigations were left wide open on a server with no password, accessible to anyone with an internet connection.
“It represents a compromise of the entire integrity of the Oklahoma Department of Securities’ network,” said Chris Vickery, head of research at UpGuard, which is revealing its technical findings on Wednesday. “It affects an entire state level agency. … It’s massively noteworthy.”
Vickery stated that the FBI files contained “all sorts of archive enforcement actions” dating back seven years, with the earliest file creation date being 2012.
The documents included spreadsheets with agent-filled timelines of interviews related to investigations, emails from parties involved in myriad cases and bank transaction histories. There were also copies of letters from subjects, witnesses and other parties involved in FBI investigations. The leaked data included email archives stretching back 17 years, thousands of social security numbers, and data from the 1980s onwards.
The major companies named in the leaked FBI files included AT&T, Goldman Sachs and Lehman Brothers, among many others. It’s not apparent that any of the organizations were accused of securities crimes, but they were either participating in or linked to FBI cases in some way.
Rsync Server & Poor Security Practices
Vickery and Pollock identified the source of the breach as an rsync server that was mistakenly left open. Typically, such servers are used to back up large batches of data, and it is good practice to secure them with a username and password.
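As an added illustration (not part of the original report and not taken from the affected server), the following Python sketch audits an rsync daemon configuration for modules that lack the username-and-password protection described above. The sample configuration, module names, paths and user name are constructed; line continuations and include directives are not handled.

```python
# Added example: flag rsyncd.conf modules that are reachable without credentials.
# SAMPLE_CONF is constructed; module names, paths and the user name are hypothetical.
SAMPLE_CONF = """\
secrets file = /etc/rsyncd.secrets

[backups]
    path = /srv/backups

[archive]
    path = /srv/archive
    auth users = backupsvc
    hosts allow = 10.0.0.0/8

[mail]
    path = /srv/mail
    auth users = backupsvc
"""

def parse_rsyncd_conf(text):
    """Return (global_params, {module: params}) with normalised parameter names."""
    global_params, modules, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = modules.setdefault(line[1:-1].strip(), {})
            continue
        name, sep, value = line.partition("=")  # only the first "=" is significant
        if sep:
            key = "".join(name.lower().split())  # "auth users" -> "authusers"
            (global_params if current is None else current)[key] = value.strip()
    return global_params, modules

def audit(text):
    """Map each module name to its findings; an empty list means none."""
    global_params, modules = parse_rsyncd_conf(text)
    report = {}
    for module, params in modules.items():
        effective = {**global_params, **params}  # module values override globals
        findings = []
        if not effective.get("authusers"):
            findings.append("no auth users: anonymous access")
        elif not effective.get("secretsfile"):
            findings.append("auth users set but no secrets file")
        if not effective.get("hostsallow"):
            findings.append("no hosts allow: any client may connect")
        report[module] = findings
    return report
```

Calling `audit(SAMPLE_CONF)` reports the `backups` module as open to anonymous access from any client, while `archive` has no findings.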
Vickery and Pollock said that there were other signs of poor security within the leaked data. Passwords for computers on the Oklahoma government’s network were exposed in the breach and they were “not complicated.” The department also stored an encrypted version of one document in the same file folder as a decrypted version. Remote access passwords for agency computers were also leaked.
Governments and corporate giants alike do not realize the severity of the threat from cyber-criminals who are searching the web for leaked data such as this. Basics such as having a secure, unique password for every account would help secure their data.