Skip to main content

Nearly 32 million personal files with sensitive data have been exposed

Your full name, address, and partial credit card numbers may have been exposed in a data breach involving field service management business ServiceBridge. Security researcher Jeremiah Fowler’s report uncovers that nearly 32 million non-password-protected files, such as contracts, invoices, agreements, and more, were exposed.

The information was publicly accessible, with no security authorization needed, for an undisclosed amount of time, and there is no official confirmation of who may have accessed it. The files date back to 2012 and are linked to companies from Canada, numerous European countries, the U.S., and the U.K.

Recommended Videos

The exposed files also included inspections, phone numbers, and Health Insurance Portability and Accountability Act (HIPAA) consent forms, and more.

Screenshot of an inspection of an iOT device.
Website Planet

The files named “site audit reports” contained pictures of businesses’ exterior and interior, gate access codes, and other access data. This breach affects various companies since, as Fowler mentions in his report: “The ServiceBridge platform was built to serve multiple industries such as commercial or industrial services, pest and animal control, cleaning, landscaping, construction, and other services. The documents I saw listed a wide range of customers: from private homeowners, schools, and religious institutions to well-known chain restaurants, Las Vegas casinos, medical providers, and many others.”

The exposed files put many customers at risk of fraud and other criminal activity, such as spear phishing, as the leak included internal information that only the customer and business would know.

Fowler advises businesses and customers to protect themselves by instructing them to “always keep accurate records of vendors, contractors, and customers to verify that payment requests are legitimate. Paying invoices on time is important for any business, and criminals exploit the need for fast payments.

If something feels suspicious about an invoice, I recommend withholding the payment until the information is verified. Customers should also be vigilant when they are contacted by businesses they have used in the past asking for additional information or unexpected payment requests.”

With data breaches on the rise, it’s always a good idea to have one of the best identity theft protection services.

Judy Sanhz
Judy Sanhz is a Digital Trends computing writer covering all computing news. Loves all operating systems and devices.
Microsoft data breach exposed sensitive data of 65,000 companies
A depiction of a hacker breaking into a system via the use of code.

Microsoft servers have been subject to a breach that might have affected over 65,000 entities across 111 countries, according to the security research firm, SOCRadar.

SOCRadar claims that it shared with Microsoft its findings, which detailed that a misconfigured Azure Blob Storage was compromised and might have exposed approximately 2.4TB of privileged data, including names, phone numbers, email addresses, company names, and attached files containing proprietary company information, such as proof of concept documents, sales data, product orders, among other information.

Read more
A data breach can cost millions of dollars — and you might be paying it
A dark mystery hand typing on a laptop computer at night.

According to a recent report from IBM Security, data breach costs are constantly on the rise. Unfortunately, this spells bad news not just for the companies involved, but also for the customers -- in more ways than one.

The report, which states that an average data breach is now estimated to cost $4.4 million, exposes the fact that the skyrocketing costs of data breaches directly affect the prices paid by the end customer.

Read more
Personal data of 69 million Neopets users is now up for sale after a data breach
Person typing on a computer keyboard.

Neopets, an aged website that lets users keep virtual pets and take care of them, just suffered a major data breach. Aside from the personal data of over 69 million users, the hacker was able to obtain the website's source code.

This isn't the first time Neopets has faced a massive leak, but this time around, user data is currently being sold for crypto -- and the leak includes more than just usernames and passwords.

Read more