| Customers: Eurasia, insurance company Project date: 2019/12 - 2020/06
|
2020: Detection of vulnerability on an Internet resource
On July 28, 2020 it became known that during monitoring of the Kazakhstan segment of the Internet on existence of threats of information security of Service of response to computer incidents of KZ-CERT vulnerability on the eurasia36.kz Internet resource which belongs to JSC Eurasia Insurance Company (further - JSC SK Evraziya) was revealed. This vulnerability is given the high degree of threat which allowed to get data access on the Web server.
Also experts of Service KZ-CERT reported that vulnerability would allow malefactors to steal or compromise slabozashchishchenny personal data of clients. Information contained confidential data of clients such as IIN, number of the certificate, this insurance, etc.
Joint efforts Service KZ-CERT and JSC SK Evraziya processed an Internet resource operation algorithm regarding data protection. Also, for July, 2020 work of department of information security and service of external audit is corrected so that possible vulnerabilities came to light the company independently and more quickly.
This vulnerability was completely eliminated by specialists in information security of JSC SK Evraziya in the shortest possible time, during the period between detection of vulnerability and its elimination of the facts of unauthorized leaks personal data was not recorded.
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |