UK printing company Doxzoo exposed US and UK military docs

UK printing company Doxzoo exposed hundreds of gigabytes of information, including documents related to the US and British military.

Security experts at vpnMentor discovered 343GB worth of files belonging to the printing company Doxzoo that were exposed on an AWS server.

The researchers reported their discovery to the company on January 26, but it never responded. Then vpnMentor notified it to Amazon that security the archive on February 11.

“The vpnMentor cybersecurity research team, led by Noam Rotem and Ran Locar, have uncovered a leaking S3 Bucket with over 270k records and greater than 343GB in size on an Amazon server, belonging to Doxzoo.” reads the post published by vpnMentor. “There are potentially over 100,000 users affected by this data leak, with implications not only for copyright violations, but also American and British military data exposure.”

The unsecured S3 bucket contained more than 270,000 records, the number of impacted users could be over 100,000. Exposed records included names, addresses, email addresses, payment method, last four digits of the payment method, passport scans, order details, copyrighted publications (e.g. books, screenplays, TV show scripts), teacher’s guides with answers for tests, certifications, diplomas and degrees, medical documents, floor plans, musical compositions, religious texts, internal military documents (including classified information).

Military documents belong to the US and UK military, experts noticed that the incident also impacted Doxzoo customers from India, Nigeria and Sri Lanka.

“The data leak includes print jobs for many high-profile clientele, including elite universities, US and UK military branches, Fortune 500 companies, and many, many more.” continues the report.

“On their website, Doxzoo boasts ISO accreditation for, among other things, security, and prides themselves on keeping their customers’ documents in “safe hands.””

A few days ago vpnMentor experts discovered two corporate finance companies that leaked half a million legal and financial documents online

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Doxzoo, data leak)

[adrotate banner=”5″]

[adrotate banner=”13″]