WhatsNew2Day
Latest News And Breaking Headlines

Huge data leak reveals medical records, mugshots and IDs of more than 36,000 American prisoners

Tens of thousands of files of American prisoners have been leaked online.

Cyber ​​security researchers discovered a bucket with mosquito shots, full names, IDs, medical records and other sensitive information of 36,077 detained persons.

JailCore, a platform used to manage correction facilities, was left unsecured and unencrypted on an Amazon server, affecting locations in Florida, Kentucky, Missouri, Tennessee, and West Virginia

The bucket was discovered by vpmMentor on January 3, but was closed almost two weeks later – leaving enough data online for cyber criminals to steal the person’s identity.

Cyber ​​security researchers discovered a bucket with mosquito shots, full names, IDs, medical records and other sensitive information of 36,077 detained persons

Cyber ​​security researchers discovered a bucket with mosquito shots, full names, IDs, medical records and other sensitive information of 36,077 detained persons

The team explained that stealing the identity of a person in prison can cause greater damage, as it can take some time to discover that they have been scammed.

Hackers can also use their information for other illegal activities such as credit card fraud and scams for families.

The data breach was first noticed on January 3 and vpnMentor quickly reached JailCore on January 5.

DailyMail.com has contacted JailCore for comments and has yet to receive a response.

According to vpnMentor, JailCore refused to accept the disclosure of their findings and demanded that the information be sent by fax.

JailCore was left unsecured and unencrypted on an Amazon server, affecting locations in Florida, Kentucky, Missouri, Tennessee, and West Virginia. The bucket was discovered by vpmMentor on January 3, but was closed almost two weeks later

JailCore was left unsecured and unencrypted on an Amazon server, affecting locations in Florida, Kentucky, Missouri, Tennessee, and West Virginia. The bucket was discovered by vpmMentor on January 3, but was closed almost two weeks later

JailCore was left unsecured and unencrypted on an Amazon server, affecting locations in Florida, Kentucky, Missouri, Tennessee, and West Virginia. The bucket was discovered by vpmMentor on January 3, but was closed almost two weeks later

JailCore responded to the information from the data breach by vpnMentor with: Not the 36,000 mentioned in an earlier email, “JailCore told vpnMentor.

‘Of those 6 prisons, only 1 uses the application to follow therapy compliance. It is a prison for 35 prisoners and only 5 of those 35 prisoners in that prison have prescribed medication.

“This means that all other reports with some mention of medication were only used for demonstration purposes.”

‘These are locked up individuals, not free citizens. That is, the same privacy laws that you and I enjoy, they don’t. “

‘I would like to ask you to correct all the facts before you write / publish something. You cannot see this as an example of a private individual who is hacking certain private information from the cloud ‘.

Leaked data included the prescription of prisoners - such as the name of the drug, the dosage and whether the prisoner accepted the drug - full names, mugshots, booking numbers, IDs of prisoners, activity logs and more

Leaked data included the prescription of prisoners - such as the name of the drug, the dosage and whether the prisoner accepted the drug - full names, mugshots, booking numbers, IDs of prisoners, activity logs and more

Leaked data included the prescription of prisoners – such as the name of the drug, the dosage and whether the prisoner accepted the drug – full names, mugshots, booking numbers, IDs of prisoners, activity logs and more

The team explained that stealing the identity of a person in prison can cause greater damage, as it can take some time to discover that they have been scammed. Hackers can also use their information for other illegal activities such as credit card fraud and scams for families

The team explained that stealing the identity of a person in prison can cause greater damage, as it can take some time to discover that they have been scammed. Hackers can also use their information for other illegal activities such as credit card fraud and scams for families

The team explained that stealing the identity of a person in prison can cause greater damage, as it can take some time to discover that they have been scammed. Hackers can also use their information for other illegal activities such as credit card fraud and scams for families

“These are trapped persons who are OWNERSHIP OF THE COUNTRY (this is even on their uniforms) … they do not enjoy the same liberties.”

After the Pentagon was notified of the breach on January 15, the leak of the S3 bucket was finally closed on January 16.

Ariel Hochstadt, co-founder of vpnMentor said, “For a technology company, our research team found it odd that there was no available privacy policy or terms of service for JailCore and that their site was offered unencrypted without an SSL certificate.”

“We were able to access the Jailcore S3 bucket because it was completely unsecured and unencrypted.

“JailCore could have easily prevented this leak if they had taken some basic security measures to protect the S3 Bucket, such as securing their servers and implementing proper access rules.”

Leaked data included the prescription of prisoners – such as the name of the drug, the dosage and whether the prisoner accepted the drug – full names, mugshots, booking numbers, IDs of prisoners, activity logs and more.

Full names and signatures of correctional officers and drug managers were also exposed.

“Every prisoner who was checked into a detention center, as far as we could see, has registered a number of PII about themselves and their mugshots to the system,” vpnMentor told a blog post. “

“Part of this is shared in an online, publicly accessible schedule of current prisoners, for example when it comes to county jails.”

“What should not be available to everyone is individual specific medication information and additional sensitive data.”

“Also included were the full names of prison officers (and sometimes their signature), associated with personally completed observation reports and the like.

Although JailCore was not happy to hear that there was a leak, it said that “data security is of the utmost importance here at JailCore.”

“We ensure that all our data is fully encrypted, as well as when it is at rest.”

.