Sensitive Files Exposed in Oklahoma Securities Commission Data Leak -- Security Today

Sensitive Files Exposed in Oklahoma Securities Commission Data Leak

Millions of sensitive files were discovered on an unprotected server belonging to a state level agency.

By Sydny Shepard
Jan 18, 2019

Millions of sensitive files—some regarding investigations by the FBI—were uncovered in an unprotected data leak at the Oklahoma Securities Commission in December.

Forbes reported that three terabytes of information was left on a server with no password, leaving it open to anyone with an internet connect. The leaked data included passwords, bank transactions, thousands of social security numbers and email archives stretching back nearly two decades.

"[The breach] represents a compromise of the entire integrity of the Oklahoma department of securities' network," Chris Vickery, head of research at UpGuard, which discovered the leak, told Forbes. "It affects an entire state level agency. ...It's massively noteworthy."

Vickery said the FBI files contained "all sorts of archive enforcement actions" dating back seven years. The documents included spreadsheets with agent-filled timelines of interviews related to investigations, emails from parties involved in various cases and bank transaction histories. There were also copies of letters from subjects, witnesses and other parties involved in FBI investigations.

Cybersecurity firm UpGuard discovered the leak and said they reported it to the Oklahoma Department of Securities. Forbes asked the FBI to comment on the leak of case files and a spokes person provided the following statement:

"Adhering to Department of Justice policy, the FBI neither confirms nor denies any investigation."

In a blog post about the data leak, UpGuard said that while there was years of information on the server, it was not accessible for long.

"The good news is that, while the contents of the server extended over years, the known period of exposure was quite short," UpGuard said. "Shortening the window of exposure reduces the likelihood of other parties accessing the data and enables its owners to take responsive measures before the data is used maliciously."

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Axis Cloud Connect Marks One Year of Growth
04/02/2025
ISC West 2025 Concert to Feature Gin Blossoms
04/01/2025
ISC West 2025 Showcases the Largest-Ever SIA Education@ISC Program
04/01/2025
System Surveyor Launches Online Certification Program
03/28/2025
BlackCloak Releases Digital Executive Protection: Framework & Assessment Methodology
03/27/2025
ESX 2025 Closing Luncheon Speaker Michael Barnes to Deliver Expert Insights Strategic Takeaways
03/27/2025
i-PRO Welcomes Michelle Chapin as Director of Federal to Drive Strategic Growth in the Public Sector
03/27/2025
Paxton's New Greenville HQ Opens Doors for Tech Tour Attendees
03/27/2025

Featured

An Inside Look From Napco at ISC West

Get a look into the excitement at ISC West 2025 from Napco. Hear from some of their top-tech executives live from the show floor. Read Now
- Industry Events
- ISC West
Upping the Ante

I am not a betting man in terms of cards, dice, blackjack or that wheel with the black marble racing around the circumference of a spinning wheel, but I would bet on the success of ISC West this year. Read Now
- Industry Events
- ISC West
It's Show Time

I am one of those people that likes to see things get bigger and better. As advertised, ISC West is going to be bigger (more exhibitors) and better (more attendees). It’s show time in Las Vegas. Read Now
- Industry Events
- ISC West
SIA Releases New Report on Operational Security Technology

The Security Industry Association (SIA) has released an impactful new resource – Operational Security Technology: Principles, Challenges and Achieving Mission-Critical Outcomes Leveraging OST. Read Now
- IP Video

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

EasyGate SPT SPD

Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.
Camden CM-221 Series Switches

Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.
HD2055 Modular Barricade

Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.