News and Updates on Information Technology

Brazilian e-commerce Hariexpress clients records for over 18. billion data has been exposed

Exploit: Misconfiguration

Hariexpress: e-Commerce Firm

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.616 = Severe

Brazilian e-commerce firm Hariexpress is in hot water after it exposed an estimated to 1.8 billion client and seller records. The problem appears to have originated with a misconfigured Elasticsearch server, according to researchers. The server was left unencrypted with no password protection in place, exposing 610GB of data and that data may have been exposed for several months.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.616 = Severe

Exposed customer data included full names, home and delivery addresses, phone numbers, and billing details. Also exposed were sellers’ full names, email and business/home addresses, phone numbers, and business/tax IDs (CNPJ/CPF).

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Human error will always be a company’s biggest cyber attack risk. It pays to make sure that everyone feels like they’re responsible for security to avoid messes like this.

Source: Info Security