Breach, Cloud Security

Eversource Energy data breach caused by unsecured cloud storage

April 20, 2021
Eversource Energy, based in New England, Mass., says an unsecured cloud storage server allowed a data breach that left the personal information of 11,000 of the company’s customers in eastern Massachusetts accessible to potential threat actors, BleepingComputer reports.

The company issued a data breach notification to affected customers, telling them that their name, address, phone number and social security number were among the information exposed in the breach, and offered an identity monitoring service provided by Cyberscout free for one year.

In a frequently asked questions document, the company explained that a security review on March 16 uncovered a cloud data storage folder that was incorrectly configured to allow anybody access to its contents, which were unencrypted files with the customers’ personal information, created in August 2019. The company said it immediately secured the data and launched an investigation and stated that currently it has not found signs of the data being accessed by unauthorized individuals.
Jill Aitoro

SC Media Editor in Chief Jill Aitoro has 20 years of experience editing and reporting on technology, business and policy. She also serves as editorial director at SC Media’s parent company, CyberRisk Alliance. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.

prestitial ad