News and Updates on Information Technology

Adafruit has disclosed a data breach caused by a public GitHub repository

Exploit: Insider Risk

Adafruit: Open-Source Hardware

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.847 = Moderate

An employee’s publicly accessible GitHub repository is to blame for a data security breach at New York hardware developer Adafruit, resulting in exposure of information about some users on or before 2019. The company was quick to provide assurances that the data set did not contain any user passwords or financial information such as credit cards, but not so quick to send emails to impacted users, waiting until after publishing a notification on its blog that was picked up by media outlets.

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.802 = Moderate

Exposed data for users may include names, email addresses, shipping/billing addresses, order details, and order placement status via payment processor or PayPal.

How it Could Affect Your Customers’ Business Whether they’re malicious or not, insider actions can have a major effect on companies even if the insider no longer works there.

Source: Bleeping Computer