UK printing company Doxzoo exposed US and UK military docs

March 20, 2020  By Pierluigi Paganini


UK printing company Doxzoo exposed hundreds of gigabytes of information, including documents related to the US and British military.

Security experts at vpnMentor discovered 343GB worth of files belonging to the printing company Doxzoo that were exposed on an AWS server.

The researchers reported their discovery to the company on January 26, but it never responded. Then vpnMentor notified it to Amazon that security the archive on February 11.

“The vpnMentor cybersecurity research team, led by Noam Rotem and Ran Locar, have uncovered a leaking S3 Bucket with over 270k records and greater than 343GB in size on an Amazon server, belonging to Doxzoo.” reads the post published by vpnMentor. “There are potentially over 100,000 users affected by this data leak, with implications not only for copyright violations, but also American and British military data exposure.”

The unsecured S3 bucket contained more than 270,000 records, the number of impacted users could be over 100,000. Exposed records included names, addresses, email addresses, payment method, last four digits of the payment method, passport scans, order details, copyrighted publications (e.g. books, screenplays, TV show scripts), teacher’s guides with answers for tests, certifications, diplomas and degrees, medical documents, floor plans, musical compositions, religious texts, internal military documents (including classified information).

Military documents belong to the US and UK military, experts noticed that the incident also impacted Doxzoo customers from India, Nigeria and Sri Lanka.

“The data leak includes print jobs for many high-profile clientele, including elite universities, US and UK military branches, Fortune 500 companies, and many, many more.” continues the report.

“On their website, Doxzoo boasts ISO accreditation for, among other things, security, and prides themselves on keeping their customers’ documents in “safe hands.””

A few days ago vpnMentor experts discovered two corporate finance companies that leaked half a million legal and financial documents online

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Doxzoo, data leak)

[adrotate banner=”5″]

[adrotate banner=”13″]



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

Russia-linked APT28 has been scanning vulnerable email servers in the last year

 Experts warn of scanning activity conducted by Russia-linked APT28 cyberespionage group, hackers are searching for vulnerable...