Privacy Blog

"Friends don’t let friends get spied on.' – Richard Stallman, President of the Free Software Foundation and longtime advocate of privacy in technology.

Over 750,000 Applications for US Birth Certificate Copies Exposed Online

This is a major security breach. An online company that allows users to obtain a copy of their birth and death certificates from U.S. state governments has exposed a massive cache of applications — including their personal information.

More than 752,000 applications for copies of birth certificates were found on an Amazon Web Services (AWS) storage bucket. The bucket, owned by a Barcelona-based company Onlinevitalus, wasn’t protected with a password, allowing anyone who knew the easy-to-guess web address access to the data.

The data exposed was for APPLICATIONS for birth certificate copies, not for copies of the birth certificates themselves. Even so, each application contained a lot of personal information that is not supposed to be exposed, including: the applicant’s name, date-of-birth, current home address, email address, phone number and historical personal information, including past addresses, names of family members and the reason for the application — such as applying for a passport or researching family history.

You can read more in an article by Zack Whittaker in the TechCrunch web site at: https://techcrunch.com/2019/12/09/birth-certificate-applications-exposed/.

Categories: Offline Privacy & Security, Online Privacy & Security

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.