News and Updates on Information Technology

Azure Blob at Raven Hengelsport exposed records of 246,000 anglers

Exploit: Misconfiguration

Raven Hengelsport: Specialty Fishing Supply

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.602 = Severe

Dutch fishing supply specialist Raven Hengelsport left details of around 246,000 customers visible to anyone on a misconfigured Microsoft Azure cloud server for months. That server, hosting 18GB of company data covering at least 246,000 customers across 450,000 records, was discovered by security researchers and had purportedly been wide open for months. Even after researchers attempted to contact the company it took a long time for them to do anything about it.

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.416 = Moderate

The bonanza of information contained customer IDs, delivery dates, discounts, shipping fees, payments and shipment tracking numbers as well as PII like names, surnames, addresses, genders, phone numbers, email addresses and business names.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Mistakes like this are only compounded by blunders in the response. It shows clients that you aren’t concerned about their security if you aren’t concerned about yours.

Source: The Register