Cloud Security, Data Security, Privacy

Over 198GB of data exposed by misconfigured database

Global e-commerce market and business management platform has exposed 198.3GB of sensitive data from a misconfigured cloud database, according to Hackread. Over 260,000 records were included in the data leak, including affiliate payouts, invoices, accounting records, and refund transactions, as well as personally identifiable information and Know Your Customer Data from the retailer's customers and affiliates around the world, a report by cybersecurity researcher Jeremiah Fowler published on WebsitePlanet showed. Such customer data included personal identification cards, passports, licenses, and selfies, as well as their credit card details that were not redacted. After being notified regarding the misconfigured database, confirmed that it had already resolved the concern and diverted PII. However, Fowler said that the database remained accessible online before being closed off. Organizations have been urged to ensure database security through regular audits, limited user access privileges, robust authentication and access controls, data encryption, regular software patches and updates, automated configuration management tools, and proper employee education.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.