Account data for more than half a million car tracking devices was leaked online

Login data for more than half a million records tied to vehicle tracking device company SVR Tracking have leaked online, potentially exposing the personal and vehicle data of drivers and businesses using its service.  

The leaked repository was first spotted by the Kromtech Security Center, which blamed a misconfigured Amazon AWS S3 bucket that was left publicly accessible for an unknown period of time for the breach. Kromtech first noticed the cache on Sept. 18, according to Gizmodo, and the bucket was closed from public access hours after the security company alerted SVR on Sept. 20.  

The records included user login info like emails and passwords, along with VINs (vehicle identification numbers) and license plate numbers, data about the GPS devices, and "other data" collected by SVR Tracking about its devices, customers, and auto dealerships that do business with the company.  Read more...