A Silicon Valley-based translation and interpreter firm has reportedly confirmed a massive data leak, which could potentially have led to hackers stealing the firm's financial and sensitive corporate data and more. The California-headquartered Interpreters Unlimited, also known as IU Group, provides services to tech giants such as Google, Boeing and the US Postal Service.
Security researchers at MacKeeper uncovered an unprotected internet-connected backup drive, which belonged to the IU Group's IT manager. The backup drive's lack of password protection allowed anyone to access and download the device's contents. The security gaffe was caused due to a drive misconfiguration, which in turn allowed the device to seamlessly stream data onto the internet.
According to a report by ZDNet, the leaked files contained personal documents on the IU Group's IT manager, including permanent residency documents, passports, social security data and tax records. The device also contained sensitive corporate data, which, if accessed by a hacker, could have led to a full scale breach of the firm's networks.
The leaked files included personal and sensitive data of clients, staff and new hires, including names, phone numbers, addresses and social security numbers. MacKeeper researchers noted that the leaked data "even had the amount of money translators earned with the company the previous year".
"This one document provides enough information that would allow criminals to file fake tax returns, get loans, or other forms of fraud," the researchers said. It is also estimated that around 4,500 of the firm's staff and freelancers may have been affected by the incident.
IU Group's president Sayed Ali confirmed that the drive was online and freely accessible for "four to six months", adding that it has now been removed. Ali said the firm believes this to be an isolated incident, but that it is "not taking the matter lightly". The firm is slated to bring in an independent security expert to investigate the matter.
Meanwhile, the device and its contents allegedly appeared on Shodan, a popular search engine for internet-connected open and insecure databases. This indicates that the data may likely have been exposed to malicious entities. It still remains unknown if the data has been accessed or abused by hackers.