Cybersecurity researcher Jeremiah Fowler discovered an unencrypted, non-password-protected database belonging to Rainwalk Technology, a South Carolina-based pet insurance provider. The exposed database contained 158 GB of sensitive data across 85,361 files, including pet insurance claims, veterinary bills, and customer communications. Compromised information involved pet owner names, physical/email addresses, phone numbers, partial credit card numbers, pet medical histories, microchip numbers, and reimbursement details (including Venmo QR codes and claim numbers). The database remained publicly accessible for nearly a month after disclosure, with no response from Rainwalk. The exposure poses risks of fraudulent claims, man-in-the-middle (MITM) attacks on reimbursements, phishing scams leveraging pet microchip data, and identity theft—exploiting the combination of pet and owner PII. While no direct evidence confirms malicious access, the lack of encryption or access controls heightens vulnerability to financial and privacy exploits. The incident underscores systemic gaps in data protection for pet insurance sectors, where human-like PII (e.g., owner details) lacks legal safeguards akin to HIPAA.
Source: https://www.websiteplanet.com/news/rainwalk-pet-insurance-breach-report/
TPRM report: https://www.rankiteo.com/company/rainwalk
"id": "rai2793227100625",
"linkid": "rainwalk",
"type": "Breach",
"date": "10/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'pet insurance',
'location': 'South Carolina, USA',
'name': 'Rainwalk Technology, Inc.',
'type': 'private company'}],
'attack_vector': ['misconfigured database',
'lack of encryption',
'lack of access controls'],
'customer_advisories': ['Verify all communication via official channels '
'before sharing PII or payments.',
'Report suspicious requests (e.g., microchip renewal '
'scams) to Rainwalk Technology.',
'Monitor financial accounts for fraudulent activity '
'related to exposed partial credit card data.'],
'data_breach': {'file_types_exposed': ['invoices',
'claims',
'email communications',
'veterinary records'],
'number_of_records_exposed': '85,361 files (158 GB)',
'personally_identifiable_information': ['names',
'physical addresses',
'email addresses',
'phone numbers',
'partial credit card '
'numbers',
'pet names/medical '
'histories/microchip '
'numbers'],
'sensitivity_of_data': 'high (PII + financial + pet health '
'data)',
'type_of_data_compromised': ['personally identifiable '
'information (PII)',
'financial data (partial credit '
'card numbers)',
'pet health records',
'reimbursement/claim data',
'microchip numbers']},
'description': 'Cybersecurity researcher Jeremiah Fowler discovered an '
'unencrypted, non-password-protected database containing 158 '
'GB of pet insurance claims, veterinary bills, and customer '
'communications. The exposed data included PII (names, '
'addresses, emails, phone numbers, partial credit card '
'numbers), pet details (names, medical histories, microchip '
'numbers), and reimbursement-related information (Venmo QR '
'codes, claim numbers, monetary amounts). The database '
'belonged to South Carolina-based Rainwalk Technology, a pet '
'insurance provider. It remained publicly accessible for '
'nearly a month after disclosure before being secured. No '
'response was received from Rainwalk, and the duration of '
'prior exposure is unknown. Hypothetical risks include '
'financial fraud (e.g., MITM attacks on reimbursements), '
'phishing/scams (e.g., microchip renewal fraud), and identity '
'theft.',
'impact': {'brand_reputation_impact': ['potential loss of trust due to '
'exposure of sensitive pet/owner data'],
'data_compromised': ['pet insurance claims',
'veterinary bills',
'customer communications (names, addresses, '
'emails, phone numbers)',
'partial credit card numbers',
'pet names/ages/medical '
'histories/breeds/microchip numbers',
'reimbursement data (Venmo QR codes, claim '
'numbers, monetary amounts)'],
'identity_theft_risk': ['high (PII + pet data could enable '
'targeted phishing/scams)'],
'legal_liabilities': ['potential regulatory scrutiny (though no '
'direct pet data privacy laws exist in the '
'U.S.)'],
'payment_information_risk': ['partial credit card numbers and '
'Venmo QR codes exposed'],
'systems_affected': ['unsecured database (158 GB, 85,361 files)']},
'initial_access_broker': {'entry_point': 'unsecured database (no '
'password/encryption)',
'high_value_targets': ['pet insurance claims',
'reimbursement data',
'PII']},
'investigation_status': 'unconfirmed (no forensic audit conducted; exposure '
'duration unknown)',
'lessons_learned': ['Basic encryption and access controls (e.g., passwords, '
'MFA) are critical for sensitive databases.',
'Regular audits for misconfigurations and penetration '
'testing can prevent accidental exposures.',
'Monitoring tools are essential to detect unauthorized '
'public access to storage buckets.',
'Pet insurance providers must recognize that combined '
'pet+owner data poses privacy risks akin to human health '
'data.',
'Customer education on phishing/scams (e.g., microchip '
'renewal fraud) is vital when PII is exposed.'],
'post_incident_analysis': {'corrective_actions': ['Secure the database with '
'encryption and access '
'controls.',
'Implement continuous '
'monitoring for exposed '
'assets.',
'Establish a formal '
'incident response process '
'for disclosures.',
'Conduct a forensic audit '
'to determine if data was '
'accessed by third parties.',
'Notify customers if '
'exposure is confirmed and '
'provide mitigation '
'guidance.'],
'root_causes': ['Lack of basic security controls '
'(encryption, authentication).',
'Misconfigured database with '
'public access enabled.',
'Inadequate monitoring to detect '
'unauthorized access.',
'Delayed response to responsible '
'disclosure (~1 month).']},
'recommendations': ['Encrypt all sensitive documents to render them '
'unreadable if exposed.',
'Implement multifactor authentication (MFA) and strict '
'permission controls for databases.',
'Conduct regular penetration tests and configuration '
'audits.',
'Use monitoring tools to detect and block unauthorized '
'access.',
'Educate customers on verifying official communication '
'channels and reporting suspicious requests.',
'Proactively notify affected customers if exposure is '
'confirmed.',
'Consider pet data privacy risks seriously, even in the '
'absence of direct regulations.'],
'references': [{'source': 'Website Planet - Jeremiah Fowler'},
{'source': 'North American Pet Health Insurance Association '
'(NAPHIA) 2024 Report'},
{'source': 'Verizon Data Breach Investigations Report (DBIR)'},
{'source': 'HackRead - Pet Microchip Scam Report'}],
'response': {'containment_measures': ['database restricted from public access '
'after ~1 month']},
'title': 'Unsecured Database Exposing Pet Insurance and Veterinary Records at '
'Rainwalk Technology',
'type': ['data breach', 'unsecured database', 'misconfiguration'],
'vulnerability_exploited': ['unprotected storage bucket',
'missing authentication',
'no encryption']}