- Rockerbox maintained an open database online during an unknown period
- The database contained identification card numbers and other vital information
- After its discovery, it has now been blocked
A fiscal credit consulting agency inadvertently exposed confidential data to thousands of its clients to allegedly maintain a database full of personal identification information (PII) open on public Internet.
It was discovered by Jeremiah Fowler, cybersecurity researcher and analyst known for looking for non -encrypted databases and not protected by words, and in a new VPNmentor report, Fowler said he found a file with a total size of 286.9 GB, which contains 245,949 records.
“In a limited sample of the exposed documents, I saw files that detailed PII such as names, physical addresses, email addresses, dob and SSN in flat text,” Fowler explained. “There were also driver’s licenses, identification cards, SSN cards, fiscal credit documents for job opportunities that included employment and salary information, and determination letters with acceptance or eligibility denials.”
Rockerbox leaks
In addition, he observed the DD214 forms: certificates of release or discharge of active duty, issued by the United States Department of Defense to veterans and similar military personnel. There were also PDF files protected with password labeled as “forms”, with file names containing PII, as employer names, and the first and surname applicant.
Fowler attributed the database to a Texas -based company called Rockerbox, a fiscal credit consulting organization that helps companies increase their cash flow by identifying and administering tax incentives focused on the employer through programs such as the Fiscal Credit of Work Opportunities (WOTC), the Fiscal Credit of Employee Retention (ERTC), the R&D credits and the credits of the R&D loans and the credits of the R&D loans and the credits of the R&D loans and the credits of the R&D loans.
After communicating with Rockerbox, the company closed the file in a matter of days, but supposedly never responded to the researcher.
Therefore, we do not know if the company manages this database, or if that work was handled by a third party, or if any threat actor obtained it in the past, but at the time of the publication, there was no evidence on the abuse in-the blessed.
