- A researcher has found nearly 200 000 personal items exposed
- It seems to belong to a billing platform, billing
- This leaves anyone who is affected at risk of fraud or identity theft
A publicly exposed database back without encryption or password and containing 178,519 files has been discovered by cybersecurity scientist Jeremiah Fowler. In the sampling of the vulnerable files, he reported that he saw personally identifiable information (PII) as names, addresses, numbers, treasures -id and more.
By analyzing the items that theorizing the researcher who theorized databases belong to small businesses, invoicing, although it is not certain whether the database is owned/managed directly by the company or whether it is operated by a third party.
A serious concern when PII is involved is the threat of identity theft as criminals will try to use your details to take out loans or credit cards. The extra danger of financial details or invoices is that threat players can replicate or emulate customers or business partners who use fake invoices or financial intercourse.
Elevated risks
The inclusion of financial information such as tax documents represents an opportunity for threat actors to create several different attacks, including fraud, social engineering or spear -phishing -attack -or even lead the criminals to higher value goals through their business relationships.
The researcher also outlines the risk of fraudulent tax files, with approx. 6,000 tax returns filed using stolen identities in 2025 – creating complicated situations for taxpayers who are then left and picked up the pieces.
“My advice to organizations that develop and provide invoice and accounting platforms, applications or services is to limit the collection and retention of personal data whenever possible,” Fowler said.
“Encrypt sensitive information so that it is not humanly readable; in that way, if there is a data exposure, encryption adds an additional layer of security. Although not impossible to decrypt, encrypted files remain properly to access without the correct credentials.”
Follow Techradar on Google News and Add us as a preferred source To get our expert news, reviews and meaning in your feeds. Be sure to click the Follow button!
And of course you can too Follow Techradar at Tiktok For news, reviews, unboxings in video form and get regular updates from us at WhatsApp also.
