Securitas, a leading security services provider of on-site guarding and risk management, suffered a data breach, which exposed 1.5 million files. Based in Sweden and with branches throughout the world, Securitas provides a full suite of security services and products for corporate clients across various industries and employs more than 350,000 people in 48 markets. 

The data exposure, discovered by the cybersecurity team at SafetyDetectives, is believed to impact clients within Latin America in the aviation industry. One of the company’s Amazon S3 buckets was left open, exposing employee PII and sensitive company data of at least four airports in Colombia and Peru: El Dorado International Airport, Alfonso Bonilla Aragón International Airport, José María Córdova International Airport in Colombia and Aeropuerto Internacional Jorge Chávez in Peru. Other files may have exposed other airports. 

The SafetyDetectives team observed two primary databases containing the information of Securitas employees and airport employees, photos of ID cards and other unmarked images, including full names, pictures of employees, occupations and national ID numbers. The bucket contained:

• Device models of cameras used.
• GPS locations of photos (with coordinates and GPS maps).
• Times and date of photos.

Unmarked photos also exposed the data of Securitas clients, airport employees and associated businesses. 

In addition to exposing photos, the bucket contained data from Securitas mobile apps, used by security officers to help with several tasks, such as incident reporting. While the data did not expose any specific sensitive data, the SafetyDetectives team warns they could be used to aid in criminal activities. 

The SafetyDetectives cybersecurity team believes that many companies and employees across several industries may be exposed, and the impact of the breach spreads further than these organizations alone. The breach could affect airport security and the safety of people who protect the lives of travelers and airport staff if guerillas and terrorist organizations accessed the data.