AMP Trading Platform BreachBack to blog
I’ve come across several finance-related data breaches within the past few weeks, most recently involving the AMP Futures trading platform.
While the exact nature of the leak is nothing new, a third-party IT vendor’s unsecured rsync backup device, the amount of money involved is on the large side. The files indicate that AMP has over $50 million on the books and additionally include the private details of over 10,000 account applicants.
The portion I downloaded comes to about 70 gigs and represents 97,000 different files. It includes credit reports, passport scans, internal company emails, customer chat logs, and basically everything an identity thief would need in order to mount a serious campaign. I was surprised at the number of plaintext customer passwords discussed in the chat logs (by staff and customers alike).
It took a few days for me to make contact with a real person at AMP. This is not entirely AMP’s fault though, as companies related to the stock market close down for the Good Friday holiday, which is then followed by a weekend.
The head honcho over at AMP was surprised when I fully explained the situation to him over a phone call. He rightly wondered what AMP was paying its third-party IT company for. If a third party, which specializes in IT, can’t catch this kind of leakage themselves, there is some serious improvement to be done.
AMP’s CEO was relieved to hear that I wasn’t trying to sell him anything or attempting any sort of blackmail or extortion, and I’m thankful he understood that I merely discovered the unsecured data rather than causing it to become unsecured. That’s a distinction many people fail to grasp, especially when their company is potentially in the hot seat.
In closing, I would like to say a special “thank you” to everyone that has read and passed along my reports of data insecurities over the past year and a half. I (Chris Vickery) am moving on to other ventures, but I wish the very best to everyone that will continue the great work we have been doing here at the MacKeeper Security Research Center.
Information for editors:
The Kromtech (MacKeeper) Security Research Center was established in Dec 2015 with the goal of helping to protect data, identifying data leaks and following responsible disclosure policy. Our mission is to make the cyber world safer by educating businesses and communities worldwide. Many of our discoveries have been covered in major news and technology media, earning the Kromtech Security Research Center a reputation as one of the fastest growing cyber data security departments.
For more information get in touch with us at: firstname.lastname@example.org