- ‘Star Trek: Discovery’ delivers a powerfully political episode Thursday 8:30 PM
- Bowser is taking over Nintendo—and the memes make themselves Thursday 7:02 PM
- California aims to strengthen data breach notification law Thursday 5:37 PM
- Feds say college student operated drug business through gaming app Thursday 4:36 PM
- Trump is again using old videos to claim his border wall is ‘under construction Thursday 4:05 PM
- Laura Loomer led a second protest at Twitter yesterday Thursday 3:37 PM
- The eyes have it in these ‘Alita: Battle Angel’ memes Thursday 2:13 PM
- Facebook let advertisers target users interested in infamous Nazis Thursday 1:58 PM
- Dem senator promises to put net neutrality on the ‘political hot seat’ in coming months Thursday 1:28 PM
- Someone figured out that Toothless from ‘How to Train Your Dragon’ looks just like Bulbasaur Thursday 12:44 PM
- Disturbing Snapchat video shows 17-year-old throwing dog on trampoline Thursday 12:16 PM
- How to watch the new Bon Appetit channel for free Thursday 12:03 PM
- Eminem disses Netflix for canceling ‘The Punisher’ Thursday 11:50 AM
- Florida prisons sued for depriving inmates of music they paid for Thursday 11:36 AM
- Chris Hemsworth will become Hulk Hogan for Netflix biopic Thursday 11:29 AM
Photo via Gino Santa Maria/Shutterstock (Licensed)
The exposure was closed one day after it was discovered.
Cybersecurity firm UpGuard discovered the vulnerability on Aug. 11 on an Amazon Web Services device where data was left out in the open to be downloaded by anyone with the correct web address. The leak, first reported by Gizmodo, contained the names, addresses, date of birth, partial social security numbers, and state ID info of Chicago residents. The data was not protected by a password.
UpGuard notified state authorities and the FBI earlier this week as soon as it found the breach. The data files were then downloaded by a cyber risk analyst who pinpointed their origin. Federal officials then looped in ES&S, which began an investigation with help from UpGuard. The company assured the breach did not contain ballot information or vote totals, and that it had no impact on the election.
“The company is in the process of reviewing all procedures and protocols, including those of its vendors, to ensure all data and systems are secure and prevent similar situations from occurring,” ES&S said in a statement. ES&S secured the files and shut down the server on Aug. 12, one day after the leak was discovered.
In a similar leak in June, a data analysis contractor hired by the Republication National Committee left nearly 200 million Republican voters exposed on an Amazon server. UpGuard discovered the 25TB database and helped Deep Root Analytics patch up its system.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.