cyber Breach

Securitas Group

May 11, 2022 1 min read
Securitas Group

The multinational security company, Securitas suffered a huge data security incident after one of the company’s Amazon S3 buckets containing 1.5 million files, equating to about 3TB of data was left open.

The incident exposed over data including employee PII and sensitive company data related to airport employees from different localities throughout Latin America including Colombia and Peru.

The exposed data included the personal data of employees including employee's full name, occupation, national ID numbers and sensitive client data including photos of planes, fueling lines, Device models,
GPS locations of photo.

Securitas could be imposed with maximum fine of 2,000 minimum legal monthly salariesfor a breach of data protection regulation by the SIC of Colombia.

SIC of Colombia can impose a maximum fine of 2,000 minimum legal monthly salaries (equivalent to approx. US$400,000) for a breach of data protection regulation

Source: https://www.safetydetectives.com/news/securitas-leak-report/

TPRM report: https://scoringcyber.rankiteo.com/company/securitas-group

"id": "sec145311522",
"linkid": "securitas-group",
"type": "Breach",
"date": "02/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"
{'affected_entities': [{'industry': 'Security',
                        'location': ['Colombia', 'Peru'],
                        'name': 'Securitas',
                        'type': 'Multinational Security Company'}],
 'attack_vector': 'Cloud Misconfiguration',
 'data_breach': {'number_of_records_exposed': '1.5 million files',
                 'personally_identifiable_information': ["Employee's full name",
                                                         'Occupation',
                                                         'National ID numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Employee PII',
                                              'Sensitive company data',
                                              'Photos of planes',
                                              'Fueling lines',
                                              'Device models',
                                              'GPS locations of photo']},
 'description': 'Securitas suffered a data security incident where an Amazon '
                'S3 bucket containing 1.5 million files was left open, '
                'exposing employee PII and sensitive company data.',
 'impact': {'data_compromised': ['Employee PII',
                                 'Sensitive company data',
                                 'Photos of planes',
                                 'Fueling lines',
                                 'Device models',
                                 'GPS locations of photo'],
            'legal_liabilities': 'Possible fine of 2,000 minimum legal monthly '
                                 'salaries (approx. US$400,000)'},
 'regulatory_compliance': {'fines_imposed': 'Maximum fine of 2,000 minimum '
                                            'legal monthly salaries (approx. '
                                            'US$400,000)'},
 'title': 'Securitas Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Open Amazon S3 bucket'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.