BreachExchange mailing list archives
India’s Vijay Sales Leaks Private Information through Exposed Amazon Backup Server
From: Destry Winant <destry () riskbasedsecurity com>
Date: Fri, 20 Mar 2020 09:28:05 -0500
https://www.riskbasedsecurity.com/2020/03/20/indias-vijay-sales-leaks-private-information-through-exposed-amazon-backup-server/ Modern companies use various strategies to thwart the persistent attempts of hackers. However, in many cases it is not an offensive measure that breaches sensitive data but simple misconfigurations. Open Season on Misconfigured Databases Misconfigured databases have had a consistent role in the increasing number of records exposed. Risk Based Security has written and published research about the practice of targeting open, unsecured databases to either steal data or hold it for ransom since 2016, yet we still see organizations unwittingly provide malicious actors a trove of personal data. VIJAY SALES On March 2nd, 2020, a notorious threat actor posted a leaked Vijay Sales database on a popular dark web hacker forum. Vijay Sales is a large electronics retail store chain in India, with nearly two hundred thousand users affected in the leak. The threat actor claimed the source was from an “exposed backup server” breached in February 2020. The user records included names, email addresses, passwords, phone numbers, and device information. In addition, a total of 90 files were found that also included thousands of customer service records, detailed store and personnel information, business operations information, and numerous administrative accounts that contained usernames, email addresses, passwords, verification codes, and roles. GEOCLOUD In the same week, a different threat actor posted another database, this time from technology company GeoCloud, leaked through a public Amazon server. The data contained users’ names, email addresses, and passwords as well as the company’s social media keys and company information. Small Mistakes Add Up Not only are exposed cloud servers a quick and easy data exfiltration target for hackers, but they can also include sensitive company information and expose much more than just user credentials. These exposed details certainly increase the company’s vulnerability in the future. The misconfiguration of databases often results from human error and these mistakes add up. In our recent 2019 Year End Data Breach QuickView Report, we highlighted that only four breaches in 2019 resulted in the exposure of 6.7 billion records. All four of these events were caused by open, misconfigured databases that were publicly available. Numerous exposed servers are shared on hacker forums daily, whether through portal access or pre-downloaded databases, with most of them having unattributed sources. While it is imperative to defend against offensive measures by hackers, it is just as important to not give away that data yourself. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- India’s Vijay Sales Leaks Private Information through Exposed Amazon Backup Server Destry Winant (Mar 20)