TransCredit exposed financial data of half a million Americans and Canadians

TransCredit is a Jacksonville, Florida-based business credit reporting agency for the transportation industry.

The IT security researchers at Website Planet discovered a misconfigured database that was owned by TransCredit, a Jacksonville, Florida-based business credit reporting agency for the transportation industry.

According to Website Planet’s Jeremiah Fowler, the database contained a treasure trove of sensitive financial and personal data of customers including trucking and transportation companies based in Canada and the United States.

What data was exposed?

In total, the misconfigured database exposed 822,789 records out of which 600,000 were customers’ credit records. Other exposed information included the following:

Full names  Tax ID numbers Email addresses Payment histories Banking information Social Security Numbers (SSN) Internal login IDs and passwords EIN (Employer Identification Number)

And the list goes on…

One of the screenshots from the exposed database (Image credit: Website Planet) Database exposed without password protection

According to Website Plant’s blog post, the worse part of the incident is that the database was left exposed to public access without any password or security authentication meaning anyone with knowledge of how to find misconfigured databases could have accessed the data.

Furthermore, the database was also at risk of being compromised by ransomware

Read More: https://www.hackread.com/transcredit-exposed-financial-data-americans-canadians/