A well-known cybersecurity specialist has found on the internet an accessible Rsync server that is storing the personal information of at least 200,000 Indianapolis Motor Speedway enthusiasts.
Subsequent investigation indicated that the data originated from the archive of the now-defunct DownForce racing forum, which was part of a platform utilised by IndyCar.
Vickery said that information about the forum users' everyday activities, including employee login credentials, was contained in the archive.
The whole DownForce backup, which includes information on hundreds of thousands of individuals, including first and last names, dates of birth, gender, mailing addresses, password hashes, security questions, and answers, has been discovered by Vickery to be publicly accessible online.
Source: https://securityaffairs.com/55841/data-breach/indycar-data-leak.html
"id": "IND538191123",
"linkid": "indycar",
"type": "Data Leak",
"date": "01/2017",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"