Brian Krebs writes:
On Monday, KrebsOnSecurity notified the Municipal Bond Insurance Association — the nation’s largest bond insurer — that a misconfiguration in a company Web server had exposed countless customer account numbers, balances and other sensitive data. Much of the information had been indexed by search engines, including a page listing administrative credentials that attackers could use to access data that wasn’t already accessible via a simple Web search.
MBIA Inc., based in Purchase, N.Y., is a public holding company that offers municipal bond insurance and investment management products.
Read more on KrebsOnSecurity.