Tuesday, December 3, 2024
HomeData BreachAuto Tracking Company Sever Misconfiguration Leaks Over a Half Million Personal Records...

Auto Tracking Company Sever Misconfiguration Leaks Over a Half Million Personal Records Online

Published on

SIEM as a Service

A New Discovered SVR Tracking Company Sever Repository Misconfiguration Leaks the Secret Information of vehicle recovery device and monitoring company SVR Tracking (stolen vehicle records) which Discovered from a misconfigured Amazon AWS S3 bucket.

SVR Tracking Providing service enables lot owners to locate and recover their vehicles with live, real-time tracking and provides stop verification.

Sever Misconfiguration may cause Biggest Impact that will Lead to Expose the Tons of Data from the Network into Public.

- Advertisement - SIEM as a Service

This Publically Available SVR Tracking Owns Repository contains customers and re-seller network and also the physical device that is attached to the cars.

The repository exposed over a half of a million records with logins / passwords, emails, VIN (vehicle identification number), IMEI numbers of GPS devices and other data that is collected on their devices, customers and auto dealerships. Interestingly, exposed database also contained information where exactly in the car the tracking unit was hidden.

Also Read:   CCleaner Got Hacked & Used For Distributing Malware that Infected 2 Million Users

What all are the Information Misconfiguration Leaks

A Repository Contains Tons of Personal Information with a Backup Folder called “accounts” contained 540,642 ID numbers, account information that included many plate & Pin numbers, emails, hashed passwords, IMEI numbers and more.

This Leakage 116 GB of Hourly Backups ,5 GB of Daily Backups from 2017, 339 documents called “logs” that contained data from a wider date range of 2015-2017 UpdateAllVehicleImages, SynchVehicleStatus, maintenance records.

Also Document with information on the 427 dealerships that use their tracking information, 339 documents called “logs” that contained data from a wider date range of 2015-2017 UpdateAllVehicleImages, SynchVehicleStatus, maintenance records.

Miscofiguration Leaks

This SVR Monitoring Software Provide some Advance Future to Monitors the Every Activities of the Car Driver including the Place that he Visited with Pin Pointed Map and also anyone with login using credentials about the top stops or locations where the vehicle has been.

This Software has very Flexible to access with any Internet Connected Devices such as desktop, laptop, mobile phone or tablet.

Kromtech Security Center has Discovered & Reported This Vulnerability Disclosed report to SVR Tracking Company and the Company has been  Secured its MisConfigured  Sever.

Latest articles

PEFT-As-An-Attack, Jailbreaking Language Models For Malicious Prompts

Federated Parameter-Efficient Fine-Tuning (FedPEFT) is a technique that combines parameter-efficient fine-tuning (PEFT) with federated...

Hackers Cloning Websites, Exploiting RCE Flaws To Gain Access To Shopping Platforms

Cybercriminals are leveraging AI-powered phishing attacks, website cloning tools, and RCE exploits to target...

Hackers Exploited Windows Event Logs Tool log Manipulation, And Data Exfiltration

wevtutil.exe, a Windows Event Log management tool, can be abused for LOLBAS attacks. By...

Threat Actors Allegedly Claims Breach of EazyDiner Reservation Platform

Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Threat Actors Allegedly Claims Breach of EazyDiner Reservation Platform

Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation...

Researchers Detailed New Exfiltration Techniques Used By Ransomware Groups

Ransomware groups and state-sponsored actors increasingly exploit data exfiltration to maximize extortion and intelligence...

Massive Credit Card Leak, Database of 1,221,551 Cards Circulating on Dark Web

A massive data breach has sent shockwaves across the globe, as a database containing...