Over 1.5M Sensitive Files On Oil Rigs Leaked

Tyler Cross
Tyler Cross Senior Writer
Tyler Cross Tyler Cross Senior Writer

Researchers discovered that WorldLive LLC, a company that manages data for large oil rigs, had a data leak that exposed more than 1.5 million sensitive files.

The source of the leak was none other than WorldLive’s service provider, Microsoft. More specifically, the Microsoft Cloud Storage Blob had no internal authentication process, leaving the data stored in WorldLive’s cloud exposed.

Until the leak was detected, these files were easily accessible by anyone with an internet connection, though it’s unknown if anyone accessed them.

The leak includes files kept on employees and customers, including full names, birthdays, addresses, phone numbers, emails, and social security numbers. On top of all of that, sensitive employee data like the results of physical examinations, certificates, resumes, assessments, and more were included.

There were also files containing photographs of the company’s critical infrastructure.

Researchers with Cybernews found the records of 5 major oil businesses including ExxonMobil, JP Oil Holdings, and Noble Energy. They believe it may have affected more oil companies.

If malicious actors found the leak before researchers did, the data could be used to construct tailored phishing schemes to lure you into their schemes or used to target employees directly.

Glaring cybersecurity weaknesses in vital infrastructure like an energy company or its service providers raise problems. Firstly, hackers or “hacktivists” target critical infrastructure in order to steal the most money or cause as much damage to the company as possible.

Data leaks like this raise terrorism threats, as rival countries could use that data to interrupt energy services.

“Critical infrastructure has been increasingly targeted by hacktivists in the last couple of years. Critical infrastructure has always been a prime target for Advanced Persistent Threat (APT) groups,” explains a researcher with Cybernews. “We have also seen such attacks done for financial gain, as was the case in the Colonial Pipeline Ransomware attack.”

About the Author
Tyler Cross
Tyler Cross
Senior Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends.

Leave a Comment