https://www.texastribune.org/2022/05/16/texas-insurance-data-breach/
Exploit: Misconfiguration
Texas Department of Insurance (TDI): Regional Government Agency
Risk to Business: 1.804 = Severe
A routine audit discovered that a misconfigured server at the Texas Department of Insurance has been leaking information for three years. The report disclosed that the personal information of an estimated 1.8 million Texas workers who have filed compensation claims between March 2019 and January 2022 has been exposed. TDI says that the problem has been corrected and that its investigation found no evidence that the information had been stolen or used unlawfully.
Risk to Business: 1.923 = Severe
The personal information of 1.8 million workers who have filed compensation claims in Texas was exposed including Social Security numbers, addresses, dates of birth, phone numbers and information about workers’ injuries.
How It Could Affect Your Customers’ Business: Misconfiguration errors are common and just as costly and problematic as many cyberattacks.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.