• The leaky repository contained 36,077 records of sensitive inmate data.
  • It also contained confidential info on whether the patient accepted the drug or not.

A cloud management platform for US correctional facilities was reportedly found leaking sensitive data belonging to the inmates of the facilities.

What happened?

A misconfigured Amazon S3 bucket of JailCore, the cloud platform for correctional facilities, exposed the information of inmates at Florida, Kentucky, Missouri, Tennessee, and West Virginia center.

  • The leaky repository contained 36,077 records of sensitive inmate data.
  • The details include names, mugshots, IDs, booking numbers, activity logs, and a host of personal health information.

Critical medical records leaked

Since data exposed in the breach includes medical records, it contains detailed information on medicines prescribed and dosages recommended to each inmate.

  • The storage bucket, besides the names, contained confidential information on whether the inmates accepted the drug or not.
  • It also revealed the full names of drug administrators and signatures of correctional officers.

Final words

The bucket was properly secured last month, but the number of people affected in the leak remained unclear.

Cyware Publisher

Publisher

Cyware