Last Updated on 22/11/2021 by Riya
One of the largest consumer ratings and reviews websites for senior care and services across the US and Canada, “SeniorAdvisor” suffered a major breach; exposing almost 3 million US seniors citizens’ data. It was found that a misconfigured S3 Bucket has exposed the data, which included people’s names, emails, phone numbers, and date of contact. Encompassed of more than one million files, adding up to 182GB of data.
Out of which none was encrypted nor protected by any password. Even though the files had a timestamp of 2017, Researchers suggest they contain files dating from 2002 to 2013. The majority of data exposed was in the form of leads, a list of potential customers of SeniorAdvisor whose details were collected presumably via their email or phone call campaigns.
Apart from this, 2000 “scrubbed” reviews in the misconfigured bucket were found, from which the user’s sensitive information was wiped out. Since the scrubbed reviews and lead data were contained in the same exposed database, it could be used to enable a malicious actor to trace it back to the person who wrote it. Researchers even found that the breach contained data from a section of the public more vulnerable to scams, the risks were higher.
Over time, scams and phishing attempts are quite common. But the Senior Citizens are at higher risks than the rest of age groups. United Kingdom blame hackers of taking benefit of the rising number of elderly people that are relying on the internet for everyday services, from shopping to stay in contact with friends and family. During this covid-19 period, the cyber-criminals are very active, seeking to fleece aged groups out of their hard-earned cash.
During the 2018-2019 report, the Federal Trade Commission (FTC) revealed that folks who filed a fraud complaint between 60 and 69 years old, on average lost $600 per scam. The amount rose in older groups, culminating in $1700 on the typical per scam for people between 80 and 89. Online crime is usually highly sophisticated and hard to identify so anyone is often taken in, but if you’re new to the web and just started learning it then you’re more potentially more vulnerable to being caught out. Hence, it is advisable to the people out there, be cautioned before doing any sort of transaction, any sort of data entry as nobody knows, what might bankrupt you.