Oklahoma Department of Securities
A server containing about three terabytes of sensitive government data, including information regarding FBI investigations, was left exposed by the Oklahoma Department of Securities (ODS). The database was found by cybersecurity firm UpGuard using an open source search engine on December 7, 2018. ODS was notified and removed the exposed server from public access the same day. The database had been publicly accessible since at least November 30, 2018. The records contained information dating back to 1986 and from as recently as 2016, and included personal data, system credentials, and email inbox backups. The ODS released a statement confirming the breach, indicating it occurred during the installation of a firewall, and will notify those whose information was revealed. For more information on the breach, please review the UpGuard post here.