Employee Info Among 13 Million Records Leaked by Fox

A configuration error exposed millions of internal records traced back to Fox News, including personally identifiable information on employees, researchers have claimed.

A team at Website Planet led by Jeremiah Fowler claimed that anyone with an internet connection could theoretically have discovered the 58GB trove, which was left open with no password protection.

It contained almost 13 million records of content management data, including an unspecified number of employee details.

“Upon further research nearly all records contained information indicating Fox News content, storage information, internal Fox emails, usernames, employee ID numbers, affiliate station information and more,” wrote Fowler.

“One folder contained 65,000 names of celebrities, cast and production crew members and their internal Fox ID reference numbers. The records also captured a wide range of data points including event logging, host names, host account numbers, IP addresses, interface, device data, and much more.”

Fowler argued that the 700+ internal Fox email addresses could have been leveraged by fraudsters to carry out follow-on phishing attacks, while the database itself could have been encrypted and held to ransom.

Many of the records were labeled “prod,” which Fowler claimed usually indicates production or live records. However, a speedy response from the Fox News team seemed to suggest not.

“Thank you again for sharing your observations. As a follow up to our email yesterday, we have continued to investigate and we have determined that the database referenced in your email is a development environment not connected to any production environment,” it said in response to the researcher’s findings.

“The ability to publicly access such database has been addressed. As part of our investigation, we are reviewing logs to determine any anonymous access to the database.”.

Although it’s unclear how long the database was exposed, Fowler claimed the Fox team “acted fast and professionally” to mitigate the issue once notified.

What’s Hot on Infosecurity Magazine?