Mountain of sensitive FedEx customer data exposed, possibly for years

by
Dan Goodin
from Ars Technica - All content on (#3G08S)
fedex-customer-data-800x586.jpg

Enlarge / A redacted copy of data FedEx employees left on a publicly accessible Amazon bucket. (credit: Kromtech Security Center)

Passports, driver licenses, and other sensitive documentation for thousands of FedEx customers were left online, possibly for years, in a blunder that left the information available to identity thieves and other malicious actors, researchers said Thursday.

In all, Kromtech Security Center said, researchers found 119,000 scanned documents stored in a publicly available Amazon S3 bucket. The photo ID scans were accompanied by completed US Postal Service forms that included names, home addresses, and phone numbers of people who requested to have mail delivered by an authorized agent.

"Citizens from all over the world left their scanned IDs-Mexico, Canada, EU countries, Saudi Arabia, Kuwait, Japan, Malaysia, China, Australia-to name a few," Kromtech researchers wrote.

Read 4 remaining paragraphs | Comments

index?i=3TdLeX2mv6s:Xy7_zIXcW00:V_sGLiPB index?i=3TdLeX2mv6s:Xy7_zIXcW00:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments