Security experts at
The researchers reported their discovery to the company on January 26, but it never responded. Then
The unsecured S3 bucket contained more than 270,000 records, the number of impacted users could be over 100,000. Exposed records included names, addresses, email addresses, payment method, last four digits of the payment method, passport scans, order details, copyrighted publications (e.g.
Military documents belong to the US and UK military, experts noticed that the incident also impacted Doxzoo customers from India, Nigeria and Sri Lanka.
“The data leak includes print jobs for many high-profile clientele, including elite universities, US and UK military branches, Fortune 500 companies, and many, many more.” continues the report.
“On their website, Doxzoo boasts ISO accreditation for, among other things, security, and prides themselves on keeping their customers’ documents in “safe hands.””
(SecurityAffairs – Doxzoo, data leak)