Security News > 2020 > February > Data about inmates and jail staff spilled by leaky prison app
The leaky bucket belongs to JailCore, a cloud-based app meant to manage correctional facilities, including by helping to ensure better compliance with insurance standards by doing things like tracking inmates' medications and activities.
JailCore closed down the data leak between 15 and 16 January: 10 or 11 days after vpnMentor notified it about the breach.
The leaky bucket held 36,077 PDFs of data from an Amazon server belonging to JailCore.
Of those 6 jails, only 1 is using the application to track medication compliance in a 35 inmate jail and only 5 of those 35 inmates in that jail has a prescribed medication.
Back in 2017, security vendor Threat Stack conducted a survey of 200 AWS users in early 2017 and found that 73% left SSH open to the public, and 62% weren't using two-factor authentication to secure access to their data.