Government Payment Service Inc., a company that offers a service called GovPayNow used by U.S. state and local governments, exposed 14 million records online.
Discovered by security researcher Brian Krebs and revealed Tuesday, the breach included names, addresses, phone numbers and the last four digits of the payer’s credit card going back six years. It was all exposed by the company failing to secure them, leaving them open for anyone to access.