A well-known cybersecurity specialist has found an Rsync server, accessible on the internet, that stores the personal information of at least 200,000 Indianapolis Motor Speedway enthusiasts.
Subsequent investigation indicated that the data originated from the archive of the now-defunct DownForce racing forum, which was part of a platform utilised by IndyCar.
Vickery said that the archive contained information about the forum users' everyday activities, including employee login credentials.
Vickery discovered that the whole DownForce backup was publicly accessible online. It includes information on hundreds of thousands of individuals: first and last names, dates of birth, gender, mailing addresses, password hashes, and security questions and answers.
Source: https://securityaffairs.com/55841/data-breach/indycar-data-leak.html
TPRM report: https://scoringcyber.rankiteo.com/company/indycar
"id": "ind538191123",
"linkid": "indycar",
"type": "Data Leak",
"date": "01/2017",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': 200000,
'industry': 'Sports',
'location': 'Indianapolis',
'name': 'Indianapolis Motor Speedway',
'type': 'Organization'},
{'industry': 'Sports',
'name': 'DownForce Racing Forum',
'type': 'Organization'}],
'attack_vector': 'Exposed Rsync Server',
'data_breach': {'number_of_records_exposed': 200000,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information',
'Login Credentials']},
'description': 'A cybersecurity specialist discovered an accessible Rsync '
'server storing personal information of at least 200,000 '
'Indianapolis Motor Speedway enthusiasts. The data originated '
'from the archive of the now-defunct DownForce racing forum, '
'part of a platform utilized by IndyCar. The archive included '
"forum users' everyday activities and employee login "
'credentials. The entire DownForce backup, including first and '
'last names, dates of birth, gender, mailing addresses, '
'password hashes, security questions, and answers, was '
'publicly accessible online.',
'impact': {'data_compromised': ['first and last names',
'dates of birth',
'gender',
'mailing addresses',
'password hashes',
'security questions',
'answers'],
'systems_affected': 'Rsync Server'},
'initial_access_broker': {'entry_point': 'Exposed Rsync Server'},
'post_incident_analysis': {'root_causes': 'Misconfigured Rsync Server'},
'references': [{'source': 'Cyber Incident Description'}],
'title': 'Data Breach of DownForce Racing Forum',
'type': 'Data Breach',
'vulnerability_exploited': 'Misconfigured Rsync Server'}