- Jun 24, 2016
- 636
A security expert who in his spare time discovers data breaches affecting millions explains why he does it:
In September 2015,medical insurance claim company Systema Software made headlines for all the wrong reasons: 1.5 million Americans' data was publicly available online via an unsecured database, including everything from drug test results to social security numbers.
Then in December that year, 191 million US voters' records were found easily accessible online, again due to a misconfigured database. Later that month, 3.3 million Hello Kitty fans' data was also exposed — including info on nearly 200,000 minors.
In April 2016, there was a second voter database discovered unprotected online — this one containing data on 87 million Mexican citizens. In June,it was a huge terrorist and "heightened-risk individual" database, containing 2.2 million records.
All of these incidents have one thing in common: They were discovered by a prolific security researcher called Chris Vickery...
By day, Vickery — who lives in Texas — works in tech support for a law firm. "But by night I do the security research stuff," he told Business Insider.
If you know where to look, the modern internet is littered with unsecured and misconfigured databases — often containing highly sensitive personal information on up to millions of individuals.
Vickery trawls the web looking for these databases, reporting notable ones to the companies responsible, and helping them patch the problems. He uses freely available software like search engine Shodan and network scanner NetScan to help him. The tools "let me look at general open ports on the internet," Vickery says. "Things that require no password, no username, or anything like that, and are open and exposed to the world."..
To read the full article,and the Interview with Chris Vickery, please visit the link at the top of the page
In September 2015,medical insurance claim company Systema Software made headlines for all the wrong reasons: 1.5 million Americans' data was publicly available online via an unsecured database, including everything from drug test results to social security numbers.
Then in December that year, 191 million US voters' records were found easily accessible online, again due to a misconfigured database. Later that month, 3.3 million Hello Kitty fans' data was also exposed — including info on nearly 200,000 minors.
In April 2016, there was a second voter database discovered unprotected online — this one containing data on 87 million Mexican citizens. In June,it was a huge terrorist and "heightened-risk individual" database, containing 2.2 million records.
All of these incidents have one thing in common: They were discovered by a prolific security researcher called Chris Vickery...
By day, Vickery — who lives in Texas — works in tech support for a law firm. "But by night I do the security research stuff," he told Business Insider.
If you know where to look, the modern internet is littered with unsecured and misconfigured databases — often containing highly sensitive personal information on up to millions of individuals.
Vickery trawls the web looking for these databases, reporting notable ones to the companies responsible, and helping them patch the problems. He uses freely available software like search engine Shodan and network scanner NetScan to help him. The tools "let me look at general open ports on the internet," Vickery says. "Things that require no password, no username, or anything like that, and are open and exposed to the world."..
To read the full article,and the Interview with Chris Vickery, please visit the link at the top of the page
