Tuesday, September 10, 2024
HomeData BreachAuto Tracking Company Sever Misconfiguration Leaks Over a Half Million Personal Records...

Auto Tracking Company Sever Misconfiguration Leaks Over a Half Million Personal Records Online

Published on

A New Discovered SVR Tracking Company Sever Repository Misconfiguration Leaks the Secret Information of vehicle recovery device and monitoring company SVR Tracking (stolen vehicle records) which Discovered from a misconfigured Amazon AWS S3 bucket.

SVR Tracking Providing service enables lot owners to locate and recover their vehicles with live, real-time tracking and provides stop verification.

Sever Misconfiguration may cause Biggest Impact that will Lead to Expose the Tons of Data from the Network into Public.

- Advertisement - EHA

This Publically Available SVR Tracking Owns Repository contains customers and re-seller network and also the physical device that is attached to the cars.

The repository exposed over a half of a million records with logins / passwords, emails, VIN (vehicle identification number), IMEI numbers of GPS devices and other data that is collected on their devices, customers and auto dealerships. Interestingly, exposed database also contained information where exactly in the car the tracking unit was hidden.

Also Read:   CCleaner Got Hacked & Used For Distributing Malware that Infected 2 Million Users

What all are the Information Misconfiguration Leaks

A Repository Contains Tons of Personal Information with a Backup Folder called “accounts” contained 540,642 ID numbers, account information that included many plate & Pin numbers, emails, hashed passwords, IMEI numbers and more.

This Leakage 116 GB of Hourly Backups ,5 GB of Daily Backups from 2017, 339 documents called “logs” that contained data from a wider date range of 2015-2017 UpdateAllVehicleImages, SynchVehicleStatus, maintenance records.

Also Document with information on the 427 dealerships that use their tracking information, 339 documents called “logs” that contained data from a wider date range of 2015-2017 UpdateAllVehicleImages, SynchVehicleStatus, maintenance records.

Miscofiguration Leaks

This SVR Monitoring Software Provide some Advance Future to Monitors the Every Activities of the Car Driver including the Place that he Visited with Pin Pointed Map and also anyone with login using credentials about the top stops or locations where the vehicle has been.

This Software has very Flexible to access with any Internet Connected Devices such as desktop, laptop, mobile phone or tablet.

Kromtech Security Center has Discovered & Reported This Vulnerability Disclosed report to SVR Tracking Company and the Company has been  Secured its MisConfigured  Sever.

Latest articles

Chinese Hackers Using Open Source Tools To Launch Cyber Attacks

Three Chinese state-backed threat groups, APT10, GALLIUM, and Stately Taurus, have repeatedly employed a...

Small Business, Big Threats: INE Security Launches Initiative to Train SMBs to Close a Critical Skills Gap

As cyber threats grow, small to medium-sized businesses (SMBs) are disproportionately targeted. According to...

Researchers Details Attacks On Air-Gaps Computers To Steal Data

The air-gap data protection method isolates local networks from the internet to mitigate cyber...

Beware Of Malicious Chrome Extension That Delivers Weaponized ZIP Archive

In August 2024, researchers detected a malicious Google Chrome browser infection that led to...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Researchers Details Attacks On Air-Gaps Computers To Steal Data

The air-gap data protection method isolates local networks from the internet to mitigate cyber...

Verkada Pay $2.95 Million Failed To Secure Data Lead To Massive Breach

The FTC has ordered Verkada to implement a comprehensive information security program to address...

New ManticoraLoader – Malware Attacking Citrix Users To Steal Data

Cyble Research & Intelligence Labs has recently found information about a new type of...