[BreachExchange] Cook County Leaks 320,000 Court Records

Destry Winant destry at riskbasedsecurity.com
Wed Jan 27 10:54:22 EST 2021


https://www.infosecurity-magazine.com/news/cook-county-leaks-320000-court/

Over 320,000 court records belonging to the second most populous
county in the US have been discovered sitting on a misconfigured
online database.

Security researcher Jeremiah Fowler and a team from Website Planet
soon found that the data was all from Cook County, Illinois, which is
home to America’s third-largest city, Chicago.

“There have been several high-profile data exposures of private
companies that affected Cook County residents in the past few years
including a large hospital data breach. However, this appears to be
the largest breach of Cook County internal records to date,” noted
Fowler.

“We hope our discovery and notification helped protect and secure this
sensitive data before it could be stolen, encrypted with ransomware,
or wiped out by an automated bot script. Companies, organizations and
even governments must do more to protect the data they collect and
store.”

He said that the highly sensitive data appears to have come from an
internal records management system, with virtually all exposed records
containing some form of personal info including: full names, home
addresses, email addresses, case numbers and private case notes.

Dating back nine years, the cases were marked up to signify they relate
to either immigration, family or criminal court proceedings.

Immigration case notes are particularly lucrative for fraudsters as
they can help to add legitimacy to social engineering scams.

“In this exposure there was a treasure trove of contacts and data that
could have potentially been exploited for a wide range of nefarious
purposes,” argued Fowler. “Immigrants are in a vulnerable position and
these are real threats against people who can rarely protect
themselves or fight back for their rights due to lack of resources,
including financial resources.”

Family court records are also particularly sensitive as they can
include details of children involved in domestic violence, custody and
other cases, he added.

In many cases, the victims were not only exposed to phishing and
possible identity theft attempts but also blackmail.

The exposed database was discovered on a Saturday and secured promptly
two days later on the Monday. However, there’s no clue as to how long
it was left online, available to access by “anyone with an internet
connection.”

