119,000 Customers Exposed in FedEx Data Leak

FedEx is known for delivering goods to customers. Now, bad news is being delivered to FedEx customers.

There’s been another data leak to report today. This time, it’s the major delivery company FedEx. From Gizmodo:

Thousands of FedEx customers were exposed after the company left scanned passports, drivers licenses, and other documentation on a publicly accessible Amazon S3 server.

The scanned IDs originated from countries all over the world, including the United States, Mexico, Canada, Australia, Saudi Arabia, Japan, China, and several European countries. The IDs were attached to forms that included several pieces of personal information, including names, home addresses, phone numbers, and zip codes.

The server, discovered by researchers at the Kromtech Security Center, was secured as of Tuesday.

According to Kromtech, the server belonged to Bongo International LLC, a company that aided customers in performing shipping calculations and currency conversations, among other services. Bongo was purchased by FedEx in 2014 and renamed FedEx Cross-Border International a little over a year later. The service was discontinued in April 2017.

FedEx says that they have no evidence that the information is being misused, however, they say that the investigation is still ongoing.

The news comes after 800,000 customers had their information exposed in the Swisscom data breach. Otherwise, it has been a relatively quiet month compared to January so far. January was a particularly bad month for leaks and breaches. Here’s a list of what we were able to report on last month:

Sega data leak: Three games that were downloaded up to 600 million times
Jason’s Deli: 2 million customers compromised
Bell Canada: 100,000 customers compromised
Norway: 2.9 million medical records exposed
SinVR: 20,000 accounts leaked
Aadhaar data breach: 1 billion people exposed

So, indeed, February has been very quiet by comparison. One can only hope that it stays quiet as well and that these are the only two major data breaches that occur this month.

Drew Wilson on Twitter: @icecube85 and Google+.


1 Trackback

Leave a Reply

Your email address will not be published. Required fields are marked *