Sensitive Files Exposed in Oklahoma Securities Commission Data Leak -- Security Today

Sensitive Files Exposed in Oklahoma Securities Commission Data Leak

Millions of sensitive files were discovered on an unprotected server belonging to a state level agency.

By Sydny Shepard
Jan 18, 2019

Millions of sensitive files—some regarding investigations by the FBI—were uncovered in an unprotected data leak at the Oklahoma Securities Commission in December.

Forbes reported that three terabytes of information was left on a server with no password, leaving it open to anyone with an internet connect. The leaked data included passwords, bank transactions, thousands of social security numbers and email archives stretching back nearly two decades.

"[The breach] represents a compromise of the entire integrity of the Oklahoma department of securities' network," Chris Vickery, head of research at UpGuard, which discovered the leak, told Forbes. "It affects an entire state level agency. ...It's massively noteworthy."

Vickery said the FBI files contained "all sorts of archive enforcement actions" dating back seven years. The documents included spreadsheets with agent-filled timelines of interviews related to investigations, emails from parties involved in various cases and bank transaction histories. There were also copies of letters from subjects, witnesses and other parties involved in FBI investigations.

Cybersecurity firm UpGuard discovered the leak and said they reported it to the Oklahoma Department of Securities. Forbes asked the FBI to comment on the leak of case files and a spokes person provided the following statement:

"Adhering to Department of Justice policy, the FBI neither confirms nor denies any investigation."

In a blog post about the data leak, UpGuard said that while there was years of information on the server, it was not accessible for long.

"The good news is that, while the contents of the server extended over years, the known period of exposure was quite short," UpGuard said. "Shortening the window of exposure reduces the likelihood of other parties accessing the data and enables its owners to take responsive measures before the data is used maliciously."

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

NAPCO Promotes Peter Lowenstein to Head Napco Access
01/16/2025
i-PRO Shares Key Predictions for the Physical Security Market in 2025
01/14/2025
Snap One Adds New Luma 4K Hybrid Surveillance Cameras to X20 Portfolio
01/14/2025
Per Mar Security Services Acquires Accu-Com Security Solutions
01/14/2025
RapidFire Safety & Security Acquires Kane Fire Protection
01/13/2025
Mission 500 Announces Leadership Updates and New Board of Directors Roles for 2025
01/13/2025
SEC Partners with SCIP to Expand Focus on Private-Sector Intelligence
01/13/2025
Napco Access Pro’s Continental Enterprise Security Management Platform, GSA Certified, FIPS 201 Approved
01/07/2025

Featured

TSA Intercepts 6,678 Firearms at Airport Security Checkpoints in 2024

During 2024, the Transportation Security Administration (TSA) intercepted a total of 6,678 firearms at airport security checkpoints, preventing them from getting into the secure areas of the airport and onboard aircraft. Approximately 94% of these firearms were loaded. This total is a minor decrease from the 6,737 firearms stopped in 2023. Throughout 2024, TSA managed its “Prepare, Pack, Declare” public awareness campaign to explain the steps for safely traveling with a firearm. Read Now
- Airport Security
2024 Gun Violence Report: Fewer Overall Incidents, but School Deaths and Injuries Are on the Rise

Omnilert, provider of gun detection technology, today released its compilation of Gun Violence Statistics for 2024 summarizing gun violence tragedies and their adverse effects on Americans and the economy. While research showed a decrease in overall deaths and injuries, the rising number of school shootings and fatalities and high number of mass shootings underscored the need to keep more people safe in schools as well as places of worship, healthcare, government, retail and commerce, finance and banking, hospitality and other public places. Read Now
- Facility Security
Survey: Only 7 Percent of Business Leaders Using AI in Physical Security

A new survey from Pro-Vigil looks at video surveillance trends, how AI is impacting physical security, and more. Read Now
- Artificial Intelligence
MetLife Stadium Uses Custom Surveillance Solution from Axis Communications

Axis Communications, provider of video surveillance and network devices, today announced the implementation of a custom surveillance solution developed in collaboration with the MetLife Stadium security team. This new, tailored solution will help the venue augment its security capabilities, providing high-quality video at unprecedented distances and allowing the security team to identify details from anywhere in the venue. Read Now
- Video Surveillance
- Facility Security

Webinars

Salient Systems, Hanwha Vision (formerly Hanwha Techwin), AtlasIED, Safety Technology International Inc., Omnilert, System Surveyor

Building a Unified Approach to School Safety
The Center for Safe and Resilient Schools and Workplaces

Precovery in Action: Proactive Strategies to Promote School Safety and Mass Violence Prevention
Hanwha Vision (formerly Hanwha Techwin), NAPCO Security Technologies, Inc.

Getting Control of your Access

Whitepapers

Salient Systems

A Model for Community Security
Genetec

State of Physical Security 2025
Winsted Corporation

Sit/Stand Consoles: Helping Increase Productivity

New Products

Camden CM-221 Series Switches

Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3
Mobile Safe Shield

SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3
Compact IP Video Intercom

Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3