VPN Mentor just published cybersecurity researcher Jeremiah Fowler’s latest findings, revealing a non-password-protected database containing 245,949 records (286.9 GB), tied to a Texas-based tax credit consultancy.
The exposed data includes PII such as full names, Social Security Numbers, driver’s licenses, military discharge forms, physical addresses, employment-related documents—many containing sensitive tax or financial details, and more.
This breach raises serious concerns about privacy and data handling within the tax credit industry. Given the nature and scope of the exposure, the risks include identity theft, financial fraud, and targeted phishing attacks.
You can find the full report here: https://www.vpnmentor.com/news/report-rockerbox-breach/
UPDATE: Erich Kron, Security Awareness Advocate at KnowBe4, commented:
“Breaches like this, with so much personal and tax-related information can be a real issue for the victims. The information is more than enough to steal an identity or to give attackers data they can use to make scams seem very convincing.
“Organizations that collect and process information, such as this, need to ensure that security is a top priority within the organization. Employees should be educated about social engineering attacks, the way most breaches start, and have technical controls in place to ensure data is encrypted and kept safe. Data Leakage Prevention (DLP) tools are critical in an organization like this, as are policies and procedures with a focus on data protection.”
Like this:
Like Loading...
Related
This entry was posted on July 8, 2025 at 11:00 am and is filed under Commentary with tags VPN Mentor. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
PII, ID Numbers, & SSNs Exposed in Tax Credit Consultancy Data Breach
VPN Mentor just published cybersecurity researcher Jeremiah Fowler’s latest findings, revealing a non-password-protected database containing 245,949 records (286.9 GB), tied to a Texas-based tax credit consultancy.
The exposed data includes PII such as full names, Social Security Numbers, driver’s licenses, military discharge forms, physical addresses, employment-related documents—many containing sensitive tax or financial details, and more.
This breach raises serious concerns about privacy and data handling within the tax credit industry. Given the nature and scope of the exposure, the risks include identity theft, financial fraud, and targeted phishing attacks.
You can find the full report here: https://www.vpnmentor.com/news/report-rockerbox-breach/
UPDATE: Erich Kron, Security Awareness Advocate at KnowBe4, commented:
“Breaches like this, with so much personal and tax-related information can be a real issue for the victims. The information is more than enough to steal an identity or to give attackers data they can use to make scams seem very convincing.
“Organizations that collect and process information, such as this, need to ensure that security is a top priority within the organization. Employees should be educated about social engineering attacks, the way most breaches start, and have technical controls in place to ensure data is encrypted and kept safe. Data Leakage Prevention (DLP) tools are critical in an organization like this, as are policies and procedures with a focus on data protection.”
Share this:
Like this:
Related
This entry was posted on July 8, 2025 at 11:00 am and is filed under Commentary with tags VPN Mentor. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.