kamesenin_abm
Member
- Thread Author
- #2
I have the admin credentials to a customer management portal for a major COVID testing site.
The testing company is a publicly traded company.
The credentials are not hacked -- they were given to me by the stepson of the former CEO (whose credentials were never revoked).
There are about 250,000 records, about 90% have a state ID/passport or green card both sides, about 95% have both sides of the user's insurance card. About 30% have a social security number. All have name, address, email and DOB. I should note here that the 250K records include numerous individuals who tested multiple times, and who thus have multiple records. My estimate is that there are about 100K unique people in that 250K.
The company email account credentials are included, for two different email accounts (one of which is the results account), this could be potentially great for spreading.
The portal is hosted by an even larger lab testing, medical management company that caters to numerous medical operations that do outside lab testing. Once you are logged in, my feeling is that the medical management company and the rest of the records it hosts are very vulnerable. As an example of their poor security, I was able to obtain about 600K records, 80K with SSN, using a line in their unobfuscated JavaScript which my login should not have had access to. (I will include it; it was something like site.com/ajax.php?listallusers). I have also had some limited success finding records my login should not have access to using URL manipulation. And I have zero hacking skills. There is a ton of stuff in the site JavaScript that seems like it might be exploitable.
I do not have a full site mirror set up, but I do have most of the actual customer data scraped, and this is included in the price. That said, I suspect the login credentials will be pretty persistent.
I am looking for 40k. I have a vendor account on AB, or alternatively am willing to use site escrow if it is available on blocked.
My telegram is https://t.me/kenaustinA. Feel free to contact me with any questions.