Green Card Lottery applicants see private data leaked online
Date:
Thu, 07 Dec 2023 15:13:21 +0000
Description:
Green Card lottery applicants have private data leaked online, available to anyone who knew where to look.
FULL STORY ======================================================================
Hundreds of thousands of people applying for the US Green Card Lottery have had their personally identifiable data (PII) exposed on the internet, due to sloppy data protection practices by a third party.
This is according to a report from researchers at Cybernews , who found the data and notified the company operating the database, when it was
subsequently locked.
As per the report, a private company known as US GREEN CARD OFFICE LIMITED (USGCO) kept the data on the applicants, as well as their closest of kin, in plaintext, in an unlocked database, available to anyone who knew where to look. Web crawlers, scrapers, or even usgreencardoffice website visitors
could have easily found it. Alarming and dangerous
The database held sensitive data on 202,000 Diversity Immigrant Visa program applicants, including email addresses, passwords in deprecated MD5 hashes, full names, genders, places and dates of birth, phone numbers, marital
status, education, and number of children. Furthermore, in the database there was information on 147,000 secondary users - spouses and children. This data included names, genders, marital status, date of birth, place of birth, and education level.
The data seems to date from 2018.
This leak is alarming and extends beyond inconvenience. It affects more than 350 thousand people, some of whom may be vulnerable due to their immigration status. Bad actors could exploit leaked contacts and crack the passwords stored using an outdated hashing algorithm from 1991. Social engineering attacks are also likely, it was said in the report.
While in most cases, unprotected databases such as this one remained under
the radar and out of sight for cybercriminals, this time around chances are that someone already found the database and took its contents. Cybernews researchers found a reverse shell on the website hosting the database, that indicates compromise.
A PHP script, called navigation-s1O0f7.php appeared to be a reverse web shell used by malicious actors to extract information and transfer files from the server. This file was hidden and masqueraded as a Divi theme for WordPress the website itself was not running on WordPress, the researchers said.
As the shell files upload date is August 1, 2023, its highly likely the data was taken. We will know for sure if, or when, it pops up for sale on the dark web. In the meantime, applicants should be wary of any email messages
claiming to come from the Green Card Lottery.
TechRadar Pro has contacted USGCO for comment. More from TechRadar Pro Major data breach exposes database of 200 million users Here's a list of the best firewalls today These are the best endpoint protection software right now
======================================================================
Link to news story:
https://www.techradar.com/pro/security/green-card-lottery-applicants-see-priva te-data-leaked-online
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)