The vulnerability also exposed login credentials for a massive national insurance claims database, Upguard says.
Detailed personal information from thousands of insurance customers in Maryland–as well as login credentials for a massive national insurance claims database–was exposed due to an an open port on a NAS server.
The misconfiguration exposed a wealth of information on Maryland Joint Insurance Association policy holders, including names, addresses, phone numbers, dates of birth and Social Security numbers, according to researcher Chris Vickery of Upguard who discovered it. The data also includes bank account numbers, check images, internal access credentials.
For More Details :
https://threatpost.com/insurance-customers-personal-data-exposed-due-to-misconfigured-nas-server/129834/
