wbsc

wbsc

The World Baseball Softball Confederation (WBSC) exposed approximately 50,000 files, some of which were extremely sensitive, by leaving a data repository online.

The inquiry revealed that the compromised information belonged to the WBSC, which oversees baseball, softball, and other sports internationally.

Concerningly, copies of 4,600 different national passports were among the items in the incorrectly configured AWS bucket, which the WBSC shut down after being alerted by the team.

Cybercriminals may use passports to mimic victims and steal their identities since they contain a lot of personal information, such as complete names, dates of birth, and passport numbers.

Source: https://securityaffairs.com/151666/data-breach/misconfigured-wbsc-server-leaks-thousands-of-passports.html

TPRM report: https://scoringcyber.rankiteo.com/company/wbsc

"id": "wbs01621023",
"linkid": "wbsc",
"type": "Data Leak",
"date": "09/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Sports',
                        'name': 'World Baseball Softball Confederation (WBSC)',
                        'type': 'Organization'}],
 'attack_vector': 'Misconfigured AWS Bucket',
 'data_breach': {'number_of_records_exposed': 50000,
                 'personally_identifiable_information': ['Full Names',
                                                         'Dates of Birth',
                                                         'Passport Numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Passport Information',
                                              'Other Sensitive Files']},
 'description': 'The World Baseball Softball Confederation (WBSC) exposed '
                'approximately 50,000 files, some of which were extremely '
                'sensitive, by leaving a data repository online. The '
                'compromised information included copies of 4,600 different '
                'national passports in an incorrectly configured AWS bucket.',
 'impact': {'data_compromised': ['Passport Information',
                                 'Other Sensitive Files'],
            'identity_theft_risk': 'High',
            'systems_affected': ['AWS Bucket']},
 'post_incident_analysis': {'root_causes': 'Misconfigured AWS Bucket'},
 'references': [{'source': 'Cyber Incident Description'}],
 'response': {'containment_measures': 'Shut down the AWS bucket'},
 'title': 'WBSC Data Exposure Incident',
 'type': 'Data Exposure',
 'vulnerability_exploited': 'Incorrectly Configured AWS Bucket'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.