FedEx data breach: 119,000 passports or photo IDs found on unsecured server
We are solutions, builders who provide comprehensive, complete, IT security management programs. In an IT security solutions initiative involving many vendors, we are the project managers who pull it all together and make sure it works as planned- for the long term. Breaches such as the one afflicting FedEx could have been avoided if Adsero Security were involved. Read on to find out how this happened.
Thousands of FedEx (FDX) customers’ private information was exposed after the company left scanned passports, driver’s licenses and other personal documentation on a publicly accessible server.
The incident was first discovered by researchers at a German-based security center called Kromtech earlier this month.
According to the security firm, the server belonged to Bongo International, a company that helped customers with shipping calculations and currency translations. FedEx purchased Bongo in 2014 but renamed the company FedEx Cross-Border International a year later before discontinuing the service in April 2017.
FedEx said on Thursday that it has secured some of the customer identification records that were exposed earlier this month and added that so far it has found no evidence that private data were “misappropriated.” The company, however, said it continues to investigate.
“After a preliminary investigation, we can confirm that some archived Bongo International account information located on a server hosted by a third-party, public cloud provider is secure. The data was part of a service that was discontinued after our acquisition of Bongo. We have found no indication that any information has been misappropriated and will continue our investigation,” a spokesman confirmed to FOX Business on Friday.
The data breach could affect anyone who might have used Bongo’s services anytime from 2009 to 2012, and it’s possible the data were exposed online for several years,” according to Bob Diachenko, Kromtech’s head of communications.
