A database with 245,949 records, owned by Rockerbox, was found unencrypted and without password protection. This database contained sensitive personally identifiable information (PII), including names, addresses, birth dates, and Social Security numbers. Such information poses risks of phishing and identity theft. No evidence currently indicates any malicious access to the data. Cybersecurity Researcher Jeremiah Fowler notified Rockerbox about the breach, leading to restrictions on access to the database to mitigate risks.
Cybersecurity Researcher Jeremiah Fowler revealed an unencrypted database with 245,949 records belonging to Rockerbox, which contains sensitive personally identifiable information (PII) such as names, addresses, and Social Security numbers.
The uncovered database, devoid of encryption or password protection, contained PII that could lead to phishing, social engineering, financial crimes, or identity theft if accessed by malicious actors.
Despite the risks posed by the exposed data, there is currently no evidence indicating that any threat actor has accessed the compromised information so far.
Following the discovery, Fowler communicated a responsible disclosure notice to Rockerbox, resulting in the restriction of access to the vulnerable database.
Collection
[
|
...
]