May 7, 2024 at 06:35AM
UK-based physical security business Amberstone Security exposed nearly 1.3 million documents, including pictures of guards and suspected offenders, through a misconfigured public database. The exposed data raised concerns about personal privacy, public safety, and the integrity of security operations. After notification, Amberstone revoked public access to the database and initiated an investigation with the involved supplier.
It seems that during a recent security breach at Amberstone Security, approximately 1.3 million documents were exposed through a misconfigured database, likely for an unknown duration. The exposed data includes various sensitive materials, such as images of security personnel, including ID cards and personal information. Additionally, the database contained information on suspected offenders, including images and details of alleged crimes, potentially tying individuals to specific crimes.
Of particular concern is the potential misuse of the exposed information, as unauthorized individuals could impersonate security personnel or gain unauthorized access to secure facilities. Furthermore, the exposure of sensitive identification documents poses serious threats to public safety, personal privacy, and the integrity of security operations. There’s a hypothetical risk of physical security breaches, theft, vandalism, or even acts of terrorism.
In a swift response to the breach, Amberstone Security revoked public access to the database and indicated that the security lapse may have been caused by a third party. The parent company, Argenbright Security Europe, has assured that they take data security seriously and are looking into the matter thoroughly.
It’s important for Amberstone Security and its parent company to ensure that thorough investigations are conducted to address the breach and prevent future occurrences. Data security measures should also be reviewed and strengthened to protect against similar incidents in the future.