cyberscan.io® found millions of personal data freely accessible on the Internet
Using its cyberscan.io® software, the DGC has discovered the largest data breach in Germany to date. 3 million data records of individuals and companies were freely available on the Internet for anyone to view. These personal data records of the car rental company Buchbinder (Car Partner Nord GmbH) contained name, address, telephone number, payment information, driver’s license number, pick-up and drop-off location of the rental car, accident reports (including blood alcohol tests), and any violations of the StVO by the drivers.
Shortly after cyberscan.io® discovered this data breach in early December, in accordance with cyberscan.io’s Disclosure Policy, the company had been informed several times that its data security was very much at risk and asked to get in touch. After there had been no reaction from Buchbinder until the end of December, cyberscan.io® informed the Data Protection Authority in Bavaria. Since Monday, January 20, 2020, the security gap has been fixed. Today, ZEIT and c’t reported on this data scandal for the first time.