This Week in Breach News: Hobby Lobby's mistakes pack a high cost.

If your business isn't using our Dark Web Monitoring Services please call us for a free scan and to discuss setting up this cutting edge monitoring service for you!

Not ready to talk yet? Visit our website to get your FREE Dark Web Scan. You will get a free, no obligation scan sent to your inbox within 24hrs. Visit today: www.denbeconsulting.com

Hobby Lobby

https://threatpost.com/hobby-lobby-customer-data-cloud-misconfiguration/164980/

Exploit: Misconfiguration

Descartes Aljex Software: Craft Supply Retailer

Risk to Business: 1.662 = Severe

Hobby Lobby made a blunder that was discovered this week. Researchers came across an Amazon Web Services (AWS) cloud database belonging to the controversial retailer that was misconfigured to be publicly accessible exposing 138GB of sensitive information.

Individual Risk: 1.707 = Severe

Exposed data includes customer names, partial payment card details, phone numbers, physical and email addresses along with source code for the company's app, and employee names and email addresses. This information can be used for spear phishing and identity theft.

 

Customers Impacted: 300,000

How it Could Affect Your Business: Making simple, avoidable blunders like this doesn't fill your customers with confidence that you're taking information privacy seriously.

Download The Full Report