After misconfiguring a cloud database, a prominent online trading broker unintentionally leaked over 20TB of confidential consumer data online. The Elasticsearch server was discovered wide open with no authentication or strong passwords, according to researchers at WizCase. They soon tracked it down to FBS, one of the busiest online foreign exchange (forex) brokers in the world, with up to 16 million global traders.
According to the document, the database held over 16 billion documents, revealing the publicly identifying information of millions of consumers (PII). Complete identities, email and billing addresses, phone numbers, IP addresses, passport numbers, social media IDs, and ID authentication scans of national ID cards, driver’s licenses, bank account accounts, mortgage payments, and credit cards were among the things checked. According to WizCase, other information included FBS user IDs, unclassified passwords, login history, loyalty info, and new password links. This case shows the importance of becoming involved in the market with someone who is authorized and a valid experience in operating on the market, in most cases reviewed Forex brokers are those who are reviewed by those who already had contact with them. They are making comments or writing reviews about their experience with certain brokers and it becomes easier for people to make decisions on whether to connect with them or not. It is also suggested by the high authorities to make good research before actually becoming involved in the market activities.
Scammers may use this trove of PII to impersonate victims online and commit fraudulent activity or use it to extract still more confidential details from victims through follow-on phishing attacks. Cybercriminals could potentially carry out transaction theft using scans of both parts of consumers’ credit cards, and the stolen password information could lead to account intrusion attacks.
WizCase cautioned that anyone whose purchases suggest considerable wealth may be attacked at their home address or conned. On October 1, 2020, WizCase found the leak and contacted FBS the very next day. The server was encrypted on October 5, even though it’s unknown how long it had been open prior to that. Customers are asked to call their broker to see if they have been impacted by the security breach. Users can update their passwords and allow two-factor verification on their internet accounts, search for suspicious bank account behavior, and be on the lookout for phishing attacks, according to WizCase.