The WebsitePlanet research group in collaboration with Security Researcher Jeremiah Fowler found a non-password protected database that contained more than 323,277 court-related records. Upon further investigation, the researchers found that the records were completely identified with Cook County, Illinois, the second-most populous region in the United States after Los Angeles County.
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ... read more
AMD's fastest 6 core processor for mainstream desktop, with 12 processing threads Can deliver elite 100+ FPS performance in the world's most popular games Bundled with the quiet, capable AMD Wraith Stealth cooler 4.6 GHz Max Boost, unlocked for overc... read more
As per the research group, nearly every record, which dated back to 2012 and as far as possible up to 2020, contained some type of personally identifiable information (PII), for example, complete names, home addresses, email addresses, case numbers, and private insights regarding the cases. The database seemed, by all accounts – to be an inside record management system that contained point by point notes about case status or issues with the cases or people. The case type appears to have been sorted by markers, for example, IMM (likely ‘immigration’), FAM (presumably ‘family’), and CRI (most likely ‘criminal’). The information was in plaintext, and web access had no limitations. The content could be accessed, downloaded, altered, or erased by anybody with an internet connection.
The researchers quickly reached the Cook County CTO. The database was secured days after the fact. It is unclear, however, if the affected people were advised about the data exposure or on the off chance that they were educated about the danger of how this data could be utilized to possibly target them. The researchers state, “We could not find any reference to a public notice of a data breach of court records. No one replied to our responsible disclosure notice, phone voice message, or a follow-up email, so we were unable to know exactly what these records were used for or the full extent of the exposure.”
WebsitePlanet postulates that the database may have had a place with a specialist Cook County department of caseworkers working with individuals who required extra assistance. Nearly by definition, everyone included inside the database could be delegated ‘vulnerable’ and a practical objective for scammers. The data contained – would give various ways to deal with such assaults. Assaults could go from identity theft to blackmail.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.