The misconfigured server, believed to be owned by UK officials, leaked a collection of 17 million entries containing information about British vehicles. Audio volume, licenses, speeds, recording and displacement times, as well as automatic surveillance cameras scattered throughout the area, with more than 24GB of data.
Although the amount of data in the volume could not be accurately estimated, at least 1.7 million different license plates appear in the volume, according to estimates by the cybernews experts responsible for the discovery of the open infrastructure. Equivalent to 4.5% of the total UK license.
This information is stored in an unsecured server in the Amazon cloud and runs in a retrieval event, indicating that your information has been used by authorities for search and verification. According to experts, the UK Security Council could not identify who was responsible for the data owned by the agencies.
In addition, this breach would have exposed at least 1.2% of the region’s total traffic records – this may seem small, but it’s not much, when we assume that this translates to 720,000 new entries each day. As the cars went through the cameras the data was hosted on the servers in real time, but the exact location of the devices could not be found.
Therefore, it was a rapidly growing volume that could not only expose citizens’ practices, but also reveal traffic control and surveillance information. There is also the risk of compiling data, as this list will facilitate cross-reference with other banks that have previously leaked, and will open the door to compromises on personal information. Cybernews, the content of the server was editable, with the possibility of deleting records or adding information in spying or defamation activities.
Once the scale was detected, experts reported the impact to the UK Department of Transportation and the National Cyber Security Center (NCSC). The server shut down a few days after exposure.
Source: Cyber News
