Rockerbox Breach Exposes SSNs, Licenses of 245,949 Users

A misconfigured cloud storage bucket at Dallas-based tax consultancy Rockerbox exposed 245,949 sensitive user records, including Social Security numbers and driver’s licenses. The Rockerbox breach exposes SSNs through an unencrypted 286.9 GB repository that was openly accessible via a simple HTTP GET request and indexed online by early July 2025.

The exposed data included tax documents, military discharge forms, and identification files. Analysts warned that attackers could weaponize these records to fabricate synthetic identities or conduct social engineering campaigns. The Rockerbox breach exposes SSNs in bulk, enabling fraudsters to bypass basic verification checks with credible-looking profiles.

Security researchers also found that file paths included employer names and applicant details, offering threat actors a detailed attack map. Some folders were accessible while others returned 403 errors, illustrating inconsistent access controls. Rockerbox revoked public access quickly, but the potential data exposure window remains unclear.

Read the full article at

Rockerbox Data Leak – 245,949 User Records Exposed Including SSNs and Driver’s Licenses