- Two free ways to get a Perplexity Pro subscription for one year
- The 40+ best Black Friday PlayStation 5 deals 2024: Deals available now
- The 25+ best Black Friday Nintendo Switch deals 2024
- Why there could be a new AI chatbot champ by the time you read this
- The 70+ best Black Friday TV deals 2024: Save up to $2,000
Cook County Leaks 320,000 Court Records
Over 320,000 court records belonging to the second most populous county in the US have been discovered sitting on a misconfigured online database.
Security researcher Jeremiah Fowler and a team from Website Planet soon found that the data was all from Cook County, Illinois, which is home to America’s third-largest city, Chicago.
“There have been several high -profile data exposures of private companies that affected Cook County residents in the past few years including a large hospital data breach. However, this appears to be the largest breach of Cook County internal records to date,” noted Fowler.
“We hope our discovery and notification helped protect and secure this sensitive data before it could be stolen, encrypted with ransomware, or wiped out by an automated bot script. Companies, organizations and even governments must do more to protect the data they collect and store.”
He said that the highly sensitive data appears to have come from an internal records management system, with virtually all exposed records containing some form of personal info including: full names, home addresses, email addresses, case numbers and private case notes.
Dating back nine years, the cases were marked up signify they relate to either immigration, family or criminal court proceedings.
Immigration case notes are particularly lucrative for fraudsters as it they can help to add legitimacy to social engineering scams.
“In this exposure there was a treasure trove of contacts and data that could have potentially been exploited for a wide range of nefarious purposes,” argued Fowler. “Immigrants are in a vulnerable position and these are real threats against people who can rarely protect themselves or fight back for their rights due to lack of resources, including financial resources.”
Family court records are also particularly sensitive as they can include details of children involved in domestic violence, custody and other cases, he added.
In many cases, the victims were not only exposed to phishing and possible identity theft attempts but also blackmail.
The exposed database was discovered on a Saturday and secured promptly two days later on the Monday. However, there’s no clue as to how long it was left online, available to access by “anyone with an internet connection.”