Nearly 250,000 records leaked in major tax consultancy breach - here's what
we know
Date:
Wed, 09 Jul 2025 13:37:00 +0000
Description:
Rockerbox kept an open database unsecured online, leaking documents and PII.
FULL STORY
======================================================================
Rockerbox kept an open database online for an unknown period
The database contained ID card numbers and other vital information
Following its discovery, it has now been locked down
A tax credit consulting agency inadvertently exposed sensitive data on thousands of its customers by allegedly keeping a database filled with personally identifiable information (PII) open on the public internet.
It was discovered by Jeremiah Fowler, a cybersecurity researcher and analyst known for hunting for unencrypted and non-password-protected databases, and
in a new vpnMentor report, Fowler said he found an archive with a total size of 286.9 GB, containing 245,949 records.
"In a limited sampling of the exposed documents, I saw files that detailed PII such as names, physical addresses, email addresses, DOB, and SSN in plain text," Fowler explained. "There were also driver's licenses, identification cards, SSN cards, work opportunity tax credit documents that included employment and salary information, and determination letters with acceptance or denials of eligibility."
Rockerbox leaks
Furthermore, he observed DD214 forms - Certificates of Release or Discharge from Active Duty, issued by the US Department of Defense to veterans and similar military personnel. There were also password-protected PDF files labeled as forms, with file names containing PII such as employer names, and applicant first and last names.
Fowler attributed the database to a Texas-based company called Rockerbox, a tax credit consulting organization helping businesses increase their cash
flow by identifying and managing employer-focused tax incentives through programs like the Work Opportunity Tax Credit (WOTC), Employee Retention Tax Credit (ERTC), R&D credits, and Empowerment Zone credits.
After the researcher reached out to Rockerbox, the company closed down the archive in a matter of days, but allegedly never replied to him.
Therefore, we don't know if the company manages this database, or if that work was handled by a third party - or if any threat actors obtained it in the past, but at press time, there was no evidence of in-the-wild abuse.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/nearly-250-000-records-leaked-in-major-tax-consultancy-breach-heres-what-we-know
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)