// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
Breach Record

SpeedX

DISCLOSED 2026-05-30 · MISCONFIG · 840,000,000 RECORDS EXPOSED

SpeedX, a delivery platform, exposed over 840 million records including customer names, addresses, parcel photos, and driver's license images. The company stated the incident was due to a configuration issue rather than unauthorized access. The exposed data was accessible online, potentially making it one of the largest delivery data leaks.

The record

What we know

Disclosed
2026-05-30
Attack vector
Misconfig
Sector
delivery
Records exposed
840,000,000
Data classes exposed
full nameshome addressesparcel photosdriver's license images
ColdRecon assessment

Could a positive-security control have prevented this?

Verdict · unclear · opinion

The article describes a misconfiguration that exposed data online, not an endpoint compromise. A positive-security model might not directly prevent a cloud storage misconfiguration unless it governs configuration states, which is unclear from the facts.

Our assessments are opinion, grounded in the cited public facts. Read them critically.

Sources

Cited reporting

Similar vector · recent

Other misconfig breaches on file

This page is the permanent ColdRecon entry for the SpeedX disclosure. It updates if new public reporting emerges. All tracked breaches →

SpeedX just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →