Poorly Configured Oracle Reports Database Server Leads to Huge Data Leak at MBIA Inc.

Namaste! Good Morning,

KrebsOnSecurity notified MBIA Inc. about a huge data leak this Monday. Krebs reported that, due to a misconfiguration in a company Web server, countless customer account numbers, balances and other sensitive data were exposed. The leaked sensitive data has also been indexed by many popular search engines.

MBIA Inc. is a financial services company. It was founded in 1973 as the Municipal Bond Insurance Association. It is headquartered in Armonk, New York, and has approximately 400 employees. MBIA is the largest bond insurer. MBIA Inc., based in Purchase, N.Y., is a public holding company that offers municipal bond insurance and investment management products.

After being notified, the company disabled the vulnerable website mbiaweb.com. This website contained customer data from Cutwater Asset Management, a fixed-income unit of MBIA that is slated to be acquired by BNY Mellon Corp.

MBIA spokesman Kevin Brown said, "We have been notified that certain information related to clients of MBIA’s asset management subsidiary, Cutwater Asset Management, may have been illegally accessed. We are conducting a thorough investigation and will take all measures necessary to protect our customers’ data, secure our systems, and preserve evidence for law enforcement." He added that the customers have also been notified about this leak.


Documents indexed by search engines featured detailed instructions on how to authorise new bank accounts for deposits, including the forms and fax numbers needed to submit the account information.

Bryan Seely, an independent security expert with Seely Security, discovered the exposed data using a search engine. Seely said the data was exposed thanks to a poorly configured Oracle Reports database server. Another researcher, Dana Taylor (@miss_sudo), documented the misconfigured server.

