Ten million Chileans, or more than half of the country's population, had their sensitive data stored by Caja Los Andes, the country's leading social security and pension fund, exposed as a result of an unsecured Apache Cassandra database, according to Cybernews.
Information leaked by the misconfigured database included not only individuals' names, birthdates, addresses, and phone numbers, but also their credit amounts, places of payments, and credit utilization data, reported the Cybernews research team, which also noted that the number of people affected was more than two times higher than the fund's overall membership last year. "This suggests that the leaked database likely includes family members, individuals who have switched providers, or those who may have passed away," said researchers. While Caja Los Andes has since addressed the exposed database, such a data leak could result in penalties of up to 4% of the organization's yearly income and major lawsuits under Chilean law.
