Top security guard firm exposed over a million files online

News
By published

Sensitive information on security guards exposed online

Data leak
(Image credit: Shutterstock)

A security guard firm was found leaking data that could lead to identity theft, physical breaches, theft, and even terrorism.

The news comes from cybersecurity researcher Jeremiah Fowler, who found an online database containing more than 1.2 million documents. The database did not have any sort of protection and could be accessed by anyone who knew where to look, WebsitePlanet reported. 

Subsequent investigation uncovered that the database belonged to a UK-based company called Amberstone Security Ltd, a firm offering technology and physical security services.

Physical threats

In the database, the researcher found personally identifiable information (PII) and face photographs of thousands of security guards. Furthermore, he found images of security credentials, as well as license cards, issued by the Security Industry Authority (SIA). The database also contained incident reports, as well as names and birthdates of potential criminals. 

Speaking with SIA, the researcher was told that the cards did not have any biometrics on them, hinting that with this database, a criminal could easily reproduce the cards, and thus impersonate security personnel. “This could potentially lead to a physical security breach, theft, vandalism, or — as a worse-case scenario — acts of terrorism,” the report states.

The researcher also found files on the development of an app called Guarded on Duty, which lets security guards log in and verify their current jobs by uploading images of their badges. Furthermore, he found APK files, which threat actors could use to infect the Android apps with malware.

After making the discovery, Fowler reached out to Amberstone Security, which confirmed locking down the database. 

The company also shifted the blame to an unnamed third party: “Thank you for bringing this to our attention, this is deeply concerning,” a company representative told the researcher. “I am investigating this with the supplier who developed and hosts the platform. Please rest assured that we take data security seriously, and this will be investigated thoroughly”.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
A digital themed isometric showing a neon padlock in the foreground, and a technological diagram of a processor logic board in the background.
A top online gift card store may have exposed private data on hundreds of thousands of users
A graphic showing fleet tracking locations over a city.
Disability monitoring tool leaked personal information online
Data leak
Popular online bill paying site leaks data of thousands of users
Cartoon Phishing
One of the largest data leaks ever sees info on 1.5 billion people leaked online
healthcare
Over a million clinical records exposed in data breach
A graphic showing fleet tracking locations over a city.
Lost & Found tracking site hit by major data breach - over 800,000 could be affected
Latest in Security
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Latest in News
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why
Nvidia AMD
Nvidia rumors suggest it's working on two affordable GPUs to spoil AMD's party
A Minecraft sheep.
Minecraft developer rejects generative AI, 'it's important that it makes us feel happy to create as humans'
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
More about security
IBM office logo

IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background

North Korea unveils new military unit targeting AI attacks

Viggle

What is Viggle: everything you need to know about the AI animation tool and meme generator
See more latest
Most Popular
A Minecraft sheep.
Minecraft developer rejects generative AI, 'it's important that it makes us feel happy to create as humans'
Nvidia AMD
Nvidia rumors suggest it's working on two affordable GPUs to spoil AMD's party
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Apple iPhone 16 Review
New iPhone 17 report lends weight to rumors of major display and camera upgrades, and a pricey Apple foldable
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Sky Glass Gen 2
It's a Glass act: the next generation of Sky Glass TV is now at Currys
Teams
Microsoft Teams is finally adding a tiny but crucial feature I honestly can't believe it never had
Apple Watch Ultra 2 move data
Apple is reportedly planning a huge future Apple Watch upgrade to turn it into an AI device with onboard cameras