A Student Loan company in United states data leaked barring over 25k PDF’s and 55k call recordings
Researchers at Cyber news found that an unsecured Amazon Simple Storage Service (S3) bucket was breached and leaked information of over 25k PDF’s and 55k call recordings between loan support workers and American consumers with outstanding student loans.
The leak of the open database of the loan company also contains the loaners’ social security numbers, among other sensitive personal data.
The database seems to belong to members of the Student Advocates Group, which an FTC press release named as a student loan debt relief scheme that “bilked millions out of consumers by charging illegal upfront fees and falsely promising to lower or even eliminate consumers’ loan payments or balances.
said Cyber news
According to the Cyber news, the bucket contains sensitive data from people across the US, including California residents, the bucket owner may have to pay damages and penalties under the CCPA, since: The leaked data contains highly personal information (including names plus social security numbers and tax ID numbers,). The data is both non-encrypted and non-redacted (all samples in this article have been redacted by CyberNews). The leak is “a result of the business’s violation of the duty to implement and maintain reasonable security procedures and practices appropriate to the nature of the information.
The leaked information of the database can cause harmful actions for the customers as the attacker can access all the personal details and can mislead them like take out loans in your name, apply for credit cards, collect tax refunds, collect benefits and income, commit crimes, set up phone numbers, websites and residences, use your health insurance and much more.
Well, the company is yet to release a statement about the matter and the cyber cell of the country is yet to take any action against the company. We can only help is that recommend you to activate two-factor authentication on your personal accounts. For more cybersecurity and tech news subscribe to our newsletter from here