// SpeedX Exposes Hundreds of Millions of Delivery Records in Massive Cloud Storage Leak

Exposed Data

According to the findings, the exposed storage contained personal information connected to package deliveries across the United States. Among the leaked files were shipping labels, delivery confirmation photos, shipment summaries, and recipient details. Researchers stated that many of the files included full names and home addresses of customers. A large portion of the exposed records reportedly consisted of parcel photos and shipping labels showing delivery information and destination details. Some images allegedly revealed packages placed directly outside residential properties, alongside visible address information.

Another section of the exposed storage reportedly contained hundreds of millions of PDF shipping labels tied to different stages of parcel transit. Some of those records included recipient information, while others referenced warehouses and processing facilities involved in package routing.

Driver Documents and Internal Data

The leak was not limited to customer data. Researchers also claimed the exposed storage contained files related to SpeedX drivers and internal operations. Among the records were photographs of driver’s licenses, screenshots allegedly showing SpeedX application credentials, and various shipment reporting documents. Researchers believe some of the submitted files were likely used during driver onboarding or identity verification processes. The exposed storage also reportedly included application log files and operational data connected to parcel processing and delivery management.

Company Disputes Breach Characterization

SpeedX acknowledged that a storage configuration issue existed but disputed claims that the incident amounted to a full data breach. According to statements attributed to the company, an internal review identified limited metadata exposure connected to the Azure storage configuration.

The company stated that it found no evidence of malicious access, data exfiltration, or compromise of customer systems. SpeedX also claimed that access to stored files still required knowledge of specific object paths and was not equivalent to unrestricted public access. Researchers involved in the discovery challenged that position, stating that access to the exposed files did not require detailed knowledge of object paths and that the bucket name alone was enough to retrieve data.

Supply Chain and Fraud Risks

Researchers warned that the exposed records could present long-term risks for both customers and drivers. Delivery-related data is commonly used in phishing operations, scam campaigns, and identity fraud due to the amount of personal and logistical information attached to shipments.

They also noted that the records could provide insight into the company’s internal delivery infrastructure and operational flow. According to the researchers, that type of visibility could potentially assist threat actors in crafting targeted attacks against logistics providers and supply chain operations. The exposed labels also reportedly referenced Raven Force Couriers, a Canadian delivery company that may be connected to SpeedX through cross-border shipping operations.

Conclusion

The SpeedX exposure adds to a growing list of delivery and logistics companies that have experienced cloud storage leaks involving customer shipment data. While the company stated that it found no evidence of abuse or unauthorized extraction of information, the scale of the exposed records has raised concerns over how sensitive delivery infrastructure and customer data are being stored and secured. Researchers noted that internet-facing cloud storage containers are frequently indexed and scanned by automated systems, meaning exposed datasets can potentially be accessed by unknown parties long before they are discovered and secured.