Enlarge / A redacted copy of data FedEx employees left on a publicly accessible Amazon bucket. (credit: Kromtech Security Center)
Passports, driver licenses, and other sensitive documentation for thousands of FedEx customers were left online, possibly for years, in a blunder that left the information available to identity thieves and other malicious actors, researchers said Thursday.
In all, Kromtech Security Center said, researchers found 119,000 scanned documents stored in a publicly available Amazon S3 bucket. The photo ID scans were accompanied by completed US Postal Service forms that included names, home addresses, and phone numbers of people who requested to have mail delivered by an authorized agent.
“Citizens from all over the world left their scanned IDs—Mexico, Canada, EU countries, Saudi Arabia, Kuwait, Japan, Malaysia, China, Australia—to name a few,” Kromtech researchers wrote.
Read 4 remaining paragraphs | Comments
Source: Ars Technica – Mountain of sensitive FedEx customer data exposed, possibly for years