This Week in Breach News: Hobby Lobby's mistakes pack a high cost.
If your business isn't using our Dark Web Monitoring Services please call us for a free scan and to discuss setting up this cutting edge monitoring service for you!
Not ready to talk yet? Visit our website to get your FREE Dark Web Scan. You will get a free, no obligation scan sent to your inbox within 24hrs. Visit today: www.denbeconsulting.com
Hobby Lobby
https://threatpost.com/hobby-lobby-customer-data-cloud-misconfiguration/164980/
Exploit: Misconfiguration
Descartes Aljex Software: Craft Supply Retailer
Risk to Business: 1.662 = Severe
Hobby Lobby made a blunder that was discovered this week. Researchers came across an Amazon Web Services (AWS) cloud database belonging to the controversial retailer that was misconfigured to be publicly accessible exposing 138GB of sensitive information.
Individual Risk: 1.707 = Severe
Exposed data includes customer names, partial payment card details, phone numbers, physical and email addresses along with source code for the company's app, and employee names and email addresses. This information can be used for spear phishing and identity theft.
Customers Impacted: 300,000
How it Could Affect Your Business: Making simple, avoidable blunders like this doesn't fill your customers with confidence that you're taking information privacy seriously.