The FIA World Endurance Championship website leaked 100 of drivers' identification documents, including their driver's licenses and IDs.
The Cybernews investigation team came up with two storage buckets that were openly accessible and included 1.1 million data. Since these databases are accessible to the public, anyone can utilise them to gain access to sensitive information.
The elite racers in the endurance championship are the owners of the leaked documents.
Many have competed in the race for a long time, and some have even taken first place at various competition levels.
The data might also be used by criminals to design incredibly specialized and narrowly focused assaults on the drivers whose information was leaked.
Source: https://securityaffairs.com/148587/security/fia-world-endurance-championship-data-leak.html
TPRM report: https://scoringcyber.rankiteo.com/company/fia-world-endurance-championship
"id": "fia24118923",
"linkid": "fia-world-endurance-championship",
"type": "Data Leak",
"date": "07/2023",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Sports',
'name': 'FIA World Endurance Championship',
'type': 'Organization'}],
'attack_vector': 'Openly Accessible Storage Buckets',
'data_breach': {'number_of_records_exposed': '100',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ["Driver's Licenses", 'IDs']},
'description': 'The FIA World Endurance Championship website leaked 100 of '
"drivers' identification documents, including their driver's "
'licenses and IDs.',
'impact': {'data_compromised': ["Driver's Licenses", 'IDs'],
'identity_theft_risk': 'High'},
'title': 'FIA World Endurance Championship Data Leak',
'type': 'Data Leak',
'vulnerability_exploited': 'Misconfigured Storage Buckets'}