idverse

Sensitive credentials were exposed by a digital identification tool that OCR Labs offered to large banks and government organizations, seriously endangering the safety of its customers.

Threat actors might compromise banks' backend infrastructure and, as a result, the infrastructure of their customers using disclosed data.

Cybercriminals' primary focus is on financial services, posing a serious threat to businesses and their clients.

The Cybernews investigation team identified the OCR Labs system's misconfiguration that exposed private information.

Source: https://securityaffairs.com/144514/data-breach/ocr-labs-data-leak.html

"id": "IDV31921023",
"linkid": "idverse",
"type": "Data Leak",
"date": "04/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"