Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

Government-level personal data leaked across seven countries

Misconfigured databases put millions at risk of identity theft and fraud

byKerem Gülen
September 5, 2025
in Cybersecurity
Home News Cybersecurity

Security researchers at Cybernews have identified three misconfigured servers holding personal data on more than 250 million individuals. The exposed information, including government-level identity profiles, originated from databases located in Brazil and the United Arab Emirates. This data leak placed a substantial number of people at risk of various cybercrimes.

The compromised data affected individuals across seven countries: Turkey, Egypt, South Africa, Saudi Arabia, the United Arab Emirates, Mexico, and Canada. Those in Turkey, Egypt, and South Africa experienced the most extensive data loss, described as “full-spectrum” data exposure. The leaked information encompassed ID numbers, dates of birth, contact details, and home addresses.

Despite the discovery of the misconfigured servers, Cybernews researchers were unable to definitively identify the database owners. Analysis of the data structures, however, suggested the possibility that a single entity operated all three servers. As Cybernews stated, “It’s likely that these databases were operated by a single party, due to the similar data structures, but there’s no attribution as to who controlled the data, or any hard links proving that these instances belonged to the same party.”

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.

The structure of the leaked data pointed towards what the researchers described as “government-level identity profiles.” This characterization suggests a high level of detail and comprehensiveness in the exposed personal information.

Upon discovering the vulnerability, Cybernews contacted the hosting providers to secure the exposed data. The hosting providers responded by locking down the archives, preventing further unauthorized access. The exact duration the databases remained unlocked prior to this intervention remains unknown, raising concerns about potential prior access by malicious actors.

The potential consequences of this data leak are significant. The leaked information can be exploited for various cybercrimes, including identity theft, wire fraud, phishing, and social engineering. Threat actors could impersonate victims to open fraudulent bank accounts, obtain unauthorized loans, or file illegitimate tax returns. Furthermore, the data could be used to craft highly convincing phishing emails, increasing the likelihood of successful credential theft and subsequent access to sensitive business accounts.

The incident underscores the persistent risk posed by misconfigured databases. These types of misconfigurations remain a leading cause of data leaks across web and cloud environments, highlighting the need for robust security measures and diligent monitoring to prevent unauthorized access to sensitive information.


Featured image credit

Tags: CybersecurityFeatured

Related Posts

Salesforce Agentforce hit by Noma “ForcedLeak” exploit

Salesforce Agentforce hit by Noma “ForcedLeak” exploit

September 26, 2025
Co-op Group reports £75m loss after April cyber-attack

Co-op Group reports £75m loss after April cyber-attack

September 25, 2025
Taiwan industrial production up 14.4% in August thanks to AI chips

Taiwan industrial production up 14.4% in August thanks to AI chips

September 25, 2025
LastPass: GitHub hosts atomic stealer malware campaign

LastPass: GitHub hosts atomic stealer malware campaign

September 25, 2025
Sentinelone finds malterminal malware using OpenAI GPT-4

Sentinelone finds malterminal malware using OpenAI GPT-4

September 23, 2025
FBI warns of fake IC3 websites stealing data

FBI warns of fake IC3 websites stealing data

September 23, 2025

LATEST NEWS

Asus ROG Ally, Ally X preorders open; ships October 16

OpenAI: GDPval framework tests AI on real-world jobs

Hugging Face: AI video energy use scales non-linearly

Apple Wallet digital ID expands to North Dakota

Salesforce Agentforce hit by Noma “ForcedLeak” exploit

BetterPic: The industry-leading AI headshot generator

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.