Skip to main content

More than 750,000 U.S. birth certificate applications exposed online

Here’s another story of apparently sloppy practices by a company charged with looking after our personal data online.

According to TechCrunch, more than 750,000 U.S. birth certificate applications have been found exposed online in an Amazon Web Services (AWS) storage bucket, which is essentially a cloud-based storage solution.

The exposed data — held by a company that helps people obtain a copy of their birth certificates — reportedly has no password protection, and the web address where the applications are held is “easy to guess.”

The company is yet to respond to inquiries about the security blunder, and with the data apparently still exposed, TechCrunch has opted not to name the company in order to protect affected customers.

The cache was discovered by U.K.-based cybersecurity firm Fidus. The exposed forms show a range of information that includes the applicant’s name, date of birth, home address, email address, and phone number.

They also show historical information linked to applicants such as past addresses, names of family members, and the reason for the application, which could include anything from applying for a passport to researching family history.

It doesn’t appear that any payment or financial data is involved.

In its report, TechCrunch said the exposed applications date back to 2017. The cache is being updated on a daily basis, too, with one particular week seeing as many 9,000 fresh applications added.

Amazon has since said that it will inform the company of the situation, but added that it can’t take direct action to resolve the issue.

Responding to a slew of cases where companies have failed to properly configure their AWS settings to password protect their storage buckets, Amazon just a few days ago launched a new tool enabling its business customers to more easily review their bucket access policies and also provide alerts if a bucket is open to the public.

In a similar case that occurred just last month, around 450,000 MTG Arena and Magic Online players had their personal data exposed after a database backup file was left in a public AWS storage bucket without any password protection. Wizards of the Coast, the company behind the games, described the error as “an isolated incident related to a legacy database” and said it was unrelated to its current systems.

The company fixed the situation soon after learning about it. We’re now waiting for the company at the center of the birth certificate application blunder to do the same.

Editors' Recommendations

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
This is what Google Maps’ big redesign looks like
Redesigned Google maps.

Redesigned Google Maps app Google

In recent years, Google Maps has felt like it's an afterthought to Google. As Apple Maps continues to improve with better navigation, cleaner transit layers, and better information, Google Maps has lagged. That’s why we’re thrilled about the redesigned Google Maps app that Google showcased at Google I/O 2024.

Read more
If you use a VPN, don’t skip this important Windows 11 update
Microsoft Surface Laptop Go 3 rear view showing lid and logo.

It's not you; Windows is causing the issues this time. If the VPN on your Windows 11 or Windows 10 computer is having a hard time connecting, it is likely because of Microsoft's April security updates for Windows 11 (KB5036893 for) and Windows 10 (KB5036892), which have been reported to be the cause of the problems.

But there's good news. According to Microsoft, a patch is now available to fix the VPN problems users are experiencing.

Read more
This new Google Sheets feature is going to save so much time
Google Sheets is open in the Safari browser on a MacBook Air.

After Google I/O 2024, Google continues to roll out features that bolster its productivity apps -- this time, specifically with Google Sheets. As picked up by The Verge, Google has announced a much simpler way to generate easily formatted tables in the Sheets app. This new Sheets feature has been around for many years in Excel and has recently reached Google. Better late than never.

The option is called Convert to table, and you can use it by opening a Sheets document and clicking Format > Convert to table when the option reaches you later this month or early next. With this new option, Google aims for a more Excel-type experience by adding filters for each column. The rows also get visual separators, saving you time by not having to select the rows manually to turn them gray. The Convert to table feature also brings filters and column types and makes the drop-down menu creation easier.

Read more