425GB of data linked to MCA Wizard app found exposed on unsecured database
A large amount of confidential data relating to two financial companies has been found exposed online in the latest case of a failure to secure a cloud-hosted database.
The exposure was discovered by security researchers at vpnMentor and publicized Tuesday. It’s believed to be linked to MCA Wizard, an iOS and Android app developed by Advantage Capital Funding and Argus Capital Funding.
The database was 425 gigabytes in size and included more than 500,000 highly sensitive documents such as private legal and financial files. Those files included credit reports, bank statements, legal documents, contracts, driver’s license copies, tax returns, purchase orders and receipts, Social Security information and more.
The security researchers tried to reach both companies in December without success before opting to contact cloud host Amazon Web Services Inc. on Jan. 7. The database was finally taken offline on Jan. 9.
“This is another unfortunate instance of an AWS bucket left open without any security protocols, leaving extremely sensitive legal and financial documents unprotected online — accessible to anyone worldwide,” James Carder, chief security officer and vice president of security intelligence company LogRhythm Inc., told SiliconANGLE. “In 2020, businesses are increasingly moving information to the cloud for cost efficiency, increased flexibility, and improved accessibility. However, it is important to understand the gravity of what it means to move this type of information to the cloud and be prepared to use everything at your disposal to protect it.”
Anurag Kahol, chief technology officer of cloud access security broker firm Bitglass Inc., noted that the leak could have been avoided by using data-centric security tools that ensure proper configuration of cloud services, deny unauthorized access, enforce real-time access control and the like. “Companies must deploy security solutions that provide the breadth and depth of capabilities needed in order to maintain complete visibility and control over data in the cloud,” he said.
Chris DeRamus, chief technology officer of cybersecurity company DivvyCloud Corp., said that it’s unclear how long the database was left open, and threat actors could have already accessed the personally identifiable information and shared it on dark web marketplaces for a quick profit.
“Especially for financial organizations that manage sensitive information and capital, a proactive approach to ensuring data is secure is necessary,” DeRamus said. “Automated cloud security solutions can detect misconfigurations in real-time and trigger instant remediation so that vulnerabilities are identified and fixed within seconds and cloud resources remain secure.”