Chris Vickery found a database that was open and contained data from the Oklahoma Department of Public Safety (DPS).
The database was accessible without login and held an unsettling quantity of information, which was the case with the majority of the data leaks Vickery had previously identified.
Photographs of security features taken inside secure Oklahoma DPS buildings were among the released material.
Additionally, database entries included information about motor vehicles, including the brand, location, warranty details, and whether the vehicle was still operational.
Source: https://mackeeper.com/blog/data-breach-reports-2016/
TPRM report: https://scoringcyber.rankiteo.com/company/oklahoma-department-of-public-safety
"id": "okl44721823",
"linkid": "oklahoma-department-of-public-safety",
"type": "Data Leak",
"date": "06/2016",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Public Safety',
'location': 'Oklahoma, USA',
'name': 'Oklahoma Department of Public Safety',
'type': 'Government Agency'}],
'attack_vector': 'Open Database',
'data_breach': {'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Photographs of security '
'features',
'Motor vehicle information']},
'description': 'Chris Vickery discovered an open database containing '
'sensitive information from the Oklahoma Department of Public '
'Safety (DPS). The database was accessible without login and '
'included photographs of security features inside secure '
'Oklahoma DPS buildings, as well as detailed information about '
'motor vehicles.',
'impact': {'data_compromised': ['Photographs of security features',
'Motor vehicle information']},
'initial_access_broker': {'entry_point': 'Open Database'},
'post_incident_analysis': {'root_causes': 'Unsecured Database'},
'title': 'Oklahoma DPS Data Leak',
'type': 'Data Leak',
'vulnerability_exploited': 'Unsecured Database'}