The company was founded in 1993.
But rare are these times.
We often need days of investigation before we understand whats at stake or whos exposing the data.
Understanding a breach and its potential impact takes careful attention and time.
We work hard to publish accurate and trustworthy reports, ensuring everybody who reads them understands their seriousness.
Some affected parties deny the facts, disregarding our research or playing down its impact.
So, we need to be thorough andmake sure everything we find is correct and accurate.
S3 buckets are an increasingly popular enterprise cloud storage solution.
However, users must set up their security protocols manually to protect the data stored therein.
Upon discovering the exposed cloud account, we quickly identified Phlebotomy Training Specialists as the owner.
While they replied the same day asking for more information, that was the last we heard from them.
A few weeks later, US-CERT closed our support ticket on their website.
This means students at this time may also be affected by the data breach.
ID Cards and Driver Licenses - 1,900+
These were most likely submitted by course applicants.
These forms included vast amounts of data collected from Phlebotomy Training Specialists students by its staff.
Thousands of forms related to the CaPPT were also stored on Phlebotomy Training Specialists S3 bucket.
Course Vouchers - Approx.
1,000
The least harmful information it exposed were a collection of vouchers for Phlebotomy Training Specialists courses.
In a phishing campaign, criminals send victims fake emails and text messages imitating real businesses and organizations.
Cyberattacks on hospitals and medical institutions have been on the rise in recent years as a result.
Finally, much of the data exposed in this breach is permanent and can never be changed.
For The Company
Phlebotomy Training Specialists also faces several negative outcomes from this data breach.
Former and current students may also threaten to sue the company for compromising their privacy and security.
Finally, Phlebotomy Training Specialists could lose a lot of business.
Theyre usually the result of an error by the owner of the bucket.
Amazon provides detailed instructions to AWS users to help them secure S3 buckets and keep them private.
To learn about data vulnerabilities in general, read ourcomplete guide to online privacy.
Our researchers use large-scale web scanners to search for unsecured data stores containing information that shouldnt be exposed.
They then examine each data store for any data being leaked.
Our team was able to access this S3 bucket because it was completely unsecured and unencrypted.
As ethical hackers, were obliged to inform a company when we discover flaws in its online security.
The purpose of this web mapping project is to helpmake the internet safer for all users.
We never sell, store, or expose any information we encounter during our security research.
Our ethical security research team has discovered and disclosed some of the most impactful data breaches in recent years.
This has includedexposing the growing popularity of cybercrime groups on Telegram.
We also revealed how apopular Chinese game developer was leaking data from over 1 million people.
You may also want to read ourVPN Leak Report and Data Privacy Stats Report.
Help Us Protect The Internet!
Check the Leak Box here »
like, comment on how to improve this article.
