A cybersecurity researcher has discovered a large, unprotected backup belonging to Navy Federal Credit Union (NFCU), the largest credit union in the United States with over 14.5 million members and $180.8 billion in assets.
According to a report by Website Planet, researcher Jeremiah Fowler found the 378.7GB backup exposed online without password protection or encryption.
The files included system logs, hashed passwords, user names, email addresses, encryption keys, business logic, and other internal data. While no customer personal data was visible in plain text, the information could be highly valuable to cybercriminals for phishing, social engineering, or supply chain attacks.
The backup was secured shortly after disclosure, but it remains unclear how long the data was accessible or if unauthorized parties viewed it. Fowler noted that the exposed files clearly identified Navy Federal Credit Union based on naming conventions and internal folder structures.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
