AgentRun data leak reveals personal sensitive information of customers

The US software company AgentRun has accidentally exposed the thousands personal sensitive information of policyholders recently. The reason is actually that of an unencrypted Amazon S3 bucket.

AgentRun is a software company based in Chicago, Illinois, United States. Founded in 2012 by former independent insurance broker and software engineer Andrew Lech, AgentRun specializes in providing client management software for insurance brokers.

Insecure Amazon S3 buckets contain large amounts of cached data, involving sensitive personal information from thousands of different insurance company customers, including customers of large insurers like Cigna and SafeCo Insurance. The leaked information may include insurance policy documents. , health and medical information, and some financial data.

ZDNet pointed out that insecure buckets are not password protected and anyone can access them. Andrew Lech, the founder of the company, confirmed the data event via email and stated that the problem was in the process of upgrading applications and data transfer. When the data was transferred to this bucket, the permissions of the bucket appeared artificial. error.

Lech said that the entire data breach lasted only about an hour because they immediately shut down the server after receiving notifications about the exposure of the bucket. During this period, the data that can be accessed by the public mainly include insurance policy documents, scanned copies of various documents, and some medical record files.

The policy document contains detailed policyholder personal information such as name, email address, date of birth, and telephone number. In some cases, some documents also show income ranges, race and marital status, and even a blank bank check.

For scans, various documents, such as social security cards, medical cards, driver’s licenses, voter cards, and military documents, are involved; medical record files contain information that can determine the medical status of policyholders, including the individual’s prescription, dosage, and cost.

In addition to Cigna and SafeCo, incident-influenced insurance companies include TransAmerica, SafeCo Insurance, Manhattan Life, and Everest. Lech said that they will notify all affected client companies and policyholders and will also notify the relevant authorities.