"The server, owned by Duales, contained over 360,000 files including government-issued identity documents, selfies uploaded for identity verification, customer names, home addresses, and detailed transaction records."
"According to TechCrunch's reporting, Duales CEO Henry Martinez González said the data was stored on a testing environment, though he did not explain why real customer documents were publicly accessible."
"The company secured the files after TechCrunch's alert, though Martinez González would not say whether the company had logs to determine who else may have accessed the data."
"The Office of the Privacy Commissioner of Canada confirmed it has contacted the company for more information and to determine next steps."
A Toronto-based money transfer app, Duc App, left over 360,000 sensitive files publicly accessible on an Amazon server for nearly five years. The exposed data included unencrypted passports, driver's licenses, customer transaction records, and personal information. The files were discovered by security researcher Anurag Sen and were still being uploaded daily. Duales CEO Henry Martinez González stated the data was in a testing environment but did not clarify the public accessibility. The Office of the Privacy Commissioner of Canada is investigating the incident.
Read at Silicon Canals
Unable to calculate read time
Collection
[
|
...
]