Latest in Gear

Image credit:

FedEx left sensitive customer data exposed on unsecured server

The data has since been secured, but was available for a long period of time.
Rob LeFebvre, @roblef
February 15, 2018
Share
Tweet
Share

Sponsored Links

Getty Images

It seems like there's no end to the data breach stories. Uber covered their problem up, then had to answer to Congress. Equifax's initial response to its massive data exposure added its own security issue. Federal employees were even found stealing data from Homeland Security. Now FedEx customer records — including passports, drivers licenses and other security IDs — have been exposed, according to security researchers at Kromtech.

Apparently, FedEx bought Bongo International in 2014, then rebranded it as FedEx Crossborder (which was itself shut down last year). The exposed data were reportedly stored on an unsecured Amazon S3 virtual server that belonged to Bongo, and included records from a period of 2009 - 2012, according to Kromtech, who own MacKeeper Security. Once the company connected with ZDNet's Zack Whittaker, who did some digging, the exposed server was removed from public access entirely. Still, that means all these records have been available for a long time.

"After a preliminary investigation," FedEx told ZDNet, "we can confirm that some archived Bongo International account information located on a server hosted by a third-party, public cloud provider is secure. The data was part of a service that was discontinued after our acquisition of Bongo. We have found no indication that any information has been misappropriated and will continue our investigation."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Samsung, Stanford make a 10,000PPI display that could lead to 'flawless' VR

Samsung, Stanford make a 10,000PPI display that could lead to 'flawless' VR

View
Xbox Series X and Series S walkthrough is a day-one primer

Xbox Series X and Series S walkthrough is a day-one primer

View
Facebook will not ban Oculus owners with multiple VR headsets (updated)

Facebook will not ban Oculus owners with multiple VR headsets (updated)

View
LG unveils the first Tone Free wireless earphones with ANC

LG unveils the first Tone Free wireless earphones with ANC

View
iPhone 12 drop test confirms the new screen helps durability, to an extent

iPhone 12 drop test confirms the new screen helps durability, to an extent

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr