FBI Raids Home of Researcher Who Alerted Company of Publicly Exposed Data
This happens in America again.
Eaglesoft is manufactured by Patterson Dental, a division of Patterson Companies.
Shafer discovered this while he was investigating the companys Eaglesoft software.
He was searching for the hard-coded database credentials when he discovered an anonymous FTP server which anyone could access.
Shafer notified the company as well as CERT.
Shafer worked with DataBreaches.net to secure the FTP server with Patterson Dental and made his findings public in mid-February.
CERT added that it was currently unaware of a full solution to this problem.
Later, the family heard a loud banging on their door.
The agents allegedly ordered Shafer to put his hands behind his back.
As they handcuffed him, his 9-year-old daughter cried in terror, Shafer said.
The only thing they left was my wifes phone.
The seized property list shows that federal agents took 29 items.
What was his alleged crime?
Anyone could have accessed the server, its not like it was secured.
Shafer told the Daily Dot, that the FTP server had been unsecured for years.
I actually remember them having a passworded FTP site back in 2006.
At some point they made the FTP site anonymous.
I think around 2010.
This is not the first time that Shafer has faced this problem from the healthcare industry.
Shafers findings led to another US-CERT alert, and a fine from the FTC.
source: www.techworm.net
