Jamaica’s Amber Group sets second JamCOVID security phase

 Amber Group has settled a second security lapse that disclosed private keys and passwords for the administration’s JamCOVID app and website.

24th of February 2021

Jamaica's Amber Group sets second JamCOVID security phase

Jamaica: Amber Group has settled a second security lapse that disclosed private keys and passwords for the administration’s JamCOVID app and website.

A security researcher said TechCrunch on Sunday that the Amber Group left a file on the JamCOVID website by error, which contained passwords that would have given access to the backend systems, storage, and databases operating the JamCOVID site and app. 

The analyst asked not to be named for fear of legal repercussions from the Jamaican administration.

This database, known as an environment variables (.env) file, is often used to collect private keys and passwords for third-party services that are essential for cloud applications to run. But these files are sometimes inadvertently exhibited or uploaded by mistake but can be abused to gain access to data or services that the cloud application relies on if found by a threat actor.

The exposed environmental variables file was found in an open directory on the JamCOVID website. Although the JamCOVID domain appears to be on the Ministry of Health’s website, Amber Group controls and maintains the JamCOVID dashboard, app, and website.

The exposed file carried secret credentials for the Amazon Web Services databases and storehouse servers for JamCOVID. The file also contained a username and password to the SMS gateway used by JamCOVID to send text messages and credentials for its email-sending server. 

On the other hand, While COVID-19 has clearly been the focus in 2020/2021, the Government continues to work on its general health system strengthening initiatives, including:

• Construction of a 5-bed Intensive Care Unit (“ICU”) for Mandeville Regional Hospital

• Expansion of ICU capacity at the Cornwall Regional Hospital; University of the West Indies, Kingston Public and Victoria Jubilee Hospitals

• Creation of 4-bed High Dependency Unit (“HDU”) space at the Spanish Town Hospital

• Construction of two facilities – one in the Eastern and the other in the Western part of the island – to provide additional isolation beds.

• Increase in the number of trained critical care personnel.

Besides the pandemic, activities directed towards enhanced vector control and prevention and management of non-communicable diseases have continued through inter-ministerial collaboration and private sector partnerships.

Click here for more news

Facebook
X
Pinterest
Whatsapp

Latest

Jacob Smith

Related Articles

Actress Priyanka Chopra celebrates New Year 2025 in Turks and Caicos with husband Nick Jonas and daughter

11 hours ago

Dr. Keith Rowley to step down before term ends, will not contest 2025 General Election

4th of January 2025

Antigua and Barbuda sets the tone for 2025 with record-breaking cruise season, bringing 12,000 passengers

4th of January 2025

Stranded Passengers return to Guyana after 3-day delay by British Airways

3rd of January 2025

Former eligible employees to receive LIAT Employees Compassionate Payment Bond

3rd of January 2025

Plane crashes into furniture manufacturing building in Southern California, killing 2 and injuring 19

3rd of January 2025

Antigua and Barbuda records first murder of 2025, 35-year-old farmer killed in domestic dispute

3rd of January 2025

Dr Denzil Douglas declares 2025 a 'Year of Opportunity' for St Kitts and Nevis

3rd of January 2025