Teller Report

Now you can see non-English news...

Big data leak: Media: At Buchbinder car rental company, customer data was open

2020-01-22T14:43:25.346Z

ZEIT ONLINE | News, backgrounds and debates



Berlin (dpa) - According to a media report at the car rental Buchbinder, customer data were accessible on the Internet in a large way due to a mistake.

The approximately five million files with extensive company correspondence included scanned invoices, contracts, e-mails and damage images from cars, as reported by the computer magazine «c't» and «Die Zeit».

Accordingly, the rental contracts included names, addresses, dates of birth and driver's license information.

“Die Zeit” and “c't” informed the car rental company of the Europcar Group on January 20 about the problem.

"Immediately after becoming aware of the facts, we immediately arranged for the corresponding ports to be closed by our contract partner responsible for maintaining and securing the servers," wrote Terstappen Autovermietung GmbH, part of the Buchbinder Group, in a reaction cited by the media. Buchbinder held out the prospect of a later Europcar statement.

According to "c't" and "Zeit", a configuration error in a backup server was the cause. In theory, every Internet user could have downloaded the data without entering a password - but you would have had to know the exact IP address or browsed the network for unsecured servers.

At first, there was no information as to whether the vulnerability could have been exploited. According to "c't" and "Zeit", data from Greens boss Robert Habeck and Arne Schönbohm, President of the Federal Office for Information Security (BSI) were also in the database, which was openly accessible.

"C't" and "ZEIT" received the information about the open server from IT security expert Matthias Nehls. Its company, the German Society for Cyber ​​Security, came across the open server during routine scans. Nehls initially said that he contacted Buchbinder twice via email, but received no response. Thereupon he informed the responsible data protection officer in Bavaria and the two media.

Source: zeit

Tech/Game 2020-01-22T12:28:08.143Z
News/Politics 2020-01-22T12:28:13.881Z
news 2020/04/07    

© Communities 2019 - Privacy