Fuel industry software hit by data leak, IDs and Drivers Licenses exposed

News
By published

Sensitive customer data left exposed

Data leak
(Image credit: Shutterstock)

Hundreds of thousands of personal documents were left sitting in an unprotected database available to anyone who knew where to look, cybersecurity researcher Jeremiah Fowler has claimed.

Talking toWebsitePlanet, Fowler outlined how he discovered the database belongs to FleetPanda, a cloud-based fleet management and dispatch software designed to streamline fuel distribution operations.

The platform offers real-time tracking, automated order management, and seamless integration with various back-office systems.

FleetPanda reacts

The company kept a non-password-protected database containing 780,191 documents, with a total size of 193 GB. It held various .PDF, .JPG, and other files, which contained information on fuel and petroleum shipments to and from different companies, industries, and even pipelines. Other files included invoices, delivery tickets, but also driver applications, high-resolution images of driver’s licenses, and background checks that contained personally identifiable information (PII).

The files were generated between 2019 and August 2024, and were listed as cache files. The invoices also contained billing and delivery information such as bill to, delivered to, delivered by, ticket, PO or order numbers, truck numbers, and other internal identifiers or tracking data.

Fowler said that he disclosed his findings to FleetPanda, which locked the database a few days later - without a word. Therefore, we don’t know how long the database was kept unlocked, if a third party was maintaining it, and if anyone accessed the contents before Fowler did.

We reached out to the company with these questions and will update the article accordingly.

With most companies being “data companies” these days, and with the omnipresence of cloud computing, the majority of firms are holding their data in cloud storage. Therefore, unprotected databases remain one of the most common causes of data leaks.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Data leak
Popular online bill paying site leaks data of thousands of users
A digital themed isometric showing a neon padlock in the foreground, and a technological diagram of a processor logic board in the background.
A top online gift card store may have exposed private data on hundreds of thousands of users
Data Breach
Thousands of healthcare records exposed online, including private patient information
A graphic showing fleet tracking locations over a city.
Lost & Found tracking site hit by major data breach - over 800,000 could be affected
Security padlock and circuit board to protect data
Foh&Boh data leak leaves millions of CVs exposed - KFS, Taco Bell, Nordstrom applicants at risk
A graphic showing fleet tracking locations over a city.
Disability monitoring tool leaked personal information online
Latest in Security
Isometric demonstrating multi-factor authentication using a mobile device.
NCSC gets influencers to sing the praises of 2FA
Sam Altman and OpenAI
OpenAI is upping its bug bounty rewards as security worries rise
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Dangerous new CoffeeLoader malware executes on your GPU to get past security tools
China
Notorious Chinese hackers FamousSparrow allegedly target US financial firms
A digital representation of a lock
NYU website defaced as hacker leaks info on a million students
NHS
NHS IT supplier hit with major fine following ransomware attack
Latest in News
Nintendo Switch 2 Joy-Con up-close from app store
Nintendo's new app gave us another look at the Switch 2, and there's something different with the Joy-Con
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
Toni Collette in Hereditary
Everything leaving Netflix in April 2025 – from the scariest movie ever made to a beloved DreamWorks animation with 99% on Rotten Tomatoes
Three angles of the Apple MacBook Air 15-inch M4 laptop above a desk
Apple MacBook Air 15-inch (M4) review roundup – should you buy Apple's new lightweight laptop?
Witchbrook
Witchbrook, the life-sim I've been waiting years for, finally has a release window and it's sooner than you think
Close up of Leica M11-P viewfinder
I wince at the prospect of the rumored Leica M11-V – here's why
More about security
Sam Altman and OpenAI

OpenAI is upping its bug bounty rewards as security worries rise
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.

Dangerous new CoffeeLoader malware executes on your GPU to get past security tools
XGIMI Portable Outdoor Screen

This cheap new outdoor projector screen looks like a smart companion for portable projectors – get 70 inches of entertainment anywhere
See more latest
Most Popular
XGIMI Portable Outdoor Screen
This cheap new outdoor projector screen looks like a smart companion for portable projectors – get 70 inches of entertainment anywhere
Toni Collette in Hereditary
Everything leaving Netflix in April 2025 – from the scariest movie ever made to a beloved DreamWorks animation with 99% on Rotten Tomatoes
Close up of Leica M11-P viewfinder
I wince at the prospect of the rumored Leica M11-V – here's why
Nintendo Switch 2 Joy-Con up-close from app store
Nintendo's new app gave us another look at the Switch 2, and there's something different with the Joy-Con
HP ZBook Ultra G1a
HP's ridiculously fast Ryzen AI Max+ Pro 395 laptop with 128GB RAM goes on sale everywhere in the US, but it won't be cheap
A mobile phone showing the Signal logo in front of a screen showing the app
Signalgate explained: what is Signal, and how secure is the messaging app?
Asus Ascent GX10 Rear
Asus's more affordable version of Nvidia's uber-popular Project Digits snapped at GTC 2025
iPhone 13 mini
The iPhone mini won't be returning, according to rumors – and you think that's a mistake
Sam Altman and OpenAI
OpenAI is upping its bug bounty rewards as security worries rise
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees