A setup error that exposed private data was found by the Cybernews research team in the OCR Labs system.
Defence Bank, Bloom Money, Admiral Money, MA Money, and Reed were all impacted by the data leak.
Threat actors could perhaps compromise the backend infrastructure of banks and, as a result, the infrastructure of their customers using disclosed data.
The threat to businesses and their customers is significant since financial services are the primary target of cybercriminals.
OCR Labs corrected the problem after being contacted by Cybernews.
Source: https://securityaffairs.com/144514/data-breach/ocr-labs-data-leak.html
TPRM report: https://scoringcyber.rankiteo.com/company/mamoney
"id": "mam42629523",
"linkid": "mamoney",
"type": "Data Leak",
"date": "04/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Financial Services',
'name': 'Defence Bank',
'type': 'Bank'},
{'industry': 'Financial Services',
'name': 'Bloom Money',
'type': 'Bank'},
{'industry': 'Financial Services',
'name': 'Admiral Money',
'type': 'Bank'},
{'industry': 'Financial Services',
'name': 'MA Money',
'type': 'Bank'},
{'industry': 'Financial Services',
'name': 'Reed',
'type': 'Bank'}],
'attack_vector': 'Setup Error',
'description': 'A setup error that exposed private data was found by the '
'Cybernews research team in the OCR Labs system.',
'post_incident_analysis': {'corrective_actions': 'OCR Labs corrected the '
'problem after being '
'contacted by Cybernews.',
'root_causes': 'Setup Error'},
'references': [{'source': 'Cybernews'}],
'response': {'remediation_measures': 'OCR Labs corrected the problem after '
'being contacted by Cybernews.'},
'title': 'OCR Labs Data Leak',
'type': 'Data Leak',
'vulnerability_exploited': 'Setup Configuration'}