> Zero password protection on document storage systems > > No encryption for sensitive identity verification data > > Public URL access with no authentication requirements > > No access logging or monitoring systems in place
Pretty much the bingo of secure storage, even CTF demos make it less obvious. Storing a document that they have no business keeping in the first place, with no security whatsoever.