Aside from personal and financial information, the data also included plain-text login credentials, such as usernames and passwords, for customers and businesses who used the Uganda Security Exchange’s Easy Portal, makes data protection become a hot topic again.
The Uganda Securities Market (USE), the country’s main stock exchange, has been detected leaking extremely sensitive financial and sensitive data of its consumers and commercial organizations all over the world.
Anurag Sen, a notable IT security researcher recognized for detecting unprotected servers and informing appropriate authorities before it’s too late, reported this to Hackread.com. Anurag is the same researcher who found earlier this month that Australian trading behemoth ACY Securities had exposed 60GB of data.
Anurag discovered a server exposing more than 32GB of data to public access while searching for misconfigured databases on Shodan. The server, according to Anurag, belongs to the Uganda Security Exchange’s Easy Portal. Easy Portal is an online self-service portal that allows users and trading companies to see stock performance, statements, and account balances.
“There are additional ports open on the server that opened the link to the Bank of Baroda – an Indian firm operating in Uganda.” It is also registered with the Uganda Securities Exchange.” Anurag said.
What Information was Disseminated?
Anurag deduced through additional investigation of the massive dataset that the exposed records were of a sensitive kind. The worst aspect of the data loss is that the server was left unprotected with no security authentication.
This implies that anyone with even a rudimentary understanding of locating insecure databases on Shodan and other similar sites would have entire access to USE’s data, including the following:
Usernames with Full Names
Date of Birth Full Address Access Tokens
Email Address Phone Number
Passwords in plaintext
Users’ ID number Bank information, including ID and account number
Information about foreign citizens and corporations, including Ugandan citizens
There was no response from Uganda CERT or USE
Although exposing sensitive data of unwary individuals and organizations to hackers is a mistake in and of itself, failing to respond to researchers and failing to care about the situation is plain irresponsible.
Anurag attempted to contact the Uganda Securities Exchange, the Uganda CERT (Computer emergency response team), and numerous other government organizations by Twitter, phone, and email, but no one answered.
Throughout this, the server was left vulnerable for days.
The 32GB of data was decreased to MBs on June 12th, 2022. Authorities may have attempted to keep the event quiet in order to avoid criticism from local media and companies harmed by the breach. Nonetheless, at the time of publication, the exposed server had been protected and its IP addresses were no longer visible to the public.
Impact on the firm and its customers
It is yet unknown if a third party, such as ransomware gangs or threat actors, accessed the database with nefarious intent. But if that happens, it would be disastrous for the USE, its consumers, and its clients, who include both domestic and international corporations.
Furthermore, given the scope and type of the compromised data, the breach might have far-reaching consequences. Bad actors, for example, may steal the data, sign in to Easy Portal, and commit identity theft, phishing, or trading frauds.
If you use the Easy Portal, you should contact the Uganda Securities Exchange to enquire about the occurrence. Anyway, enterprises should take data security seriously. Be sure to do data backup and data disaster recovery. Do your best to minimize the cost of a data leak.