Change and Configuration Management CONFIGURATION MANAGEMENT INTELLIGENT CHANGE CONTROL

Scottrade Bank was recently under fire after a security researcher found a 60GB MSSQL database containing sensitive information on at least 20,000 customers exposed to the public online.

Chris Vickery found the database on March 31 when searching for random phrases on the domain s3.amazonaws.com. The database he found was not encrypted and contained 48,000 lessee credit profile rows and 11,000 guarantor rows. Each row is said to contain information like Social Security Numbers, Names, Addresses, Phone Numbers, and other information.

The database also contained internal information like plain text passwords and employee credentials. Vickery immediately contacted Scottrade regarding the database and within two days the problem was resolved.

Scottrade insists that the issue was due in part to simple human error and that the third party vendor responsible, Genpact, says it had uploaded the dataset to a cloud server that did not have all the appropriate security protocols in place.  “Upon being alerted to the issue, Genpact immediately secured that information, and traced the issue to a configuration error on their part while uploading the file,” the Scottrade statement explained.

 

Read this article on CSO Online

 

 

 

NNT Products
USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email [email protected]
UK Office
New Net Technologies LLC
Rivers Lodge
West Common
Harpenden
Hertfordshire
AL5 2JN

Tel: 01582 287310
email [email protected]
Connect
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500 Sans Institute
Copyright 2017, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.