News and Updates on Information Technology

Cronin digital marketing agency exposed 92 million records online, including employee and customer data.

Exploit: Misconfiguration

Cronin: Digital Marketing Firm

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.917= Severe

Researchers discovered a non-password-protected database that contained 92 million records belonging to the digital marketing firm Cronin last week. The exposed server was named “Cronin-Main” and many of the records contained references to Cronin. Exposed client records include internal logging of client advertisement campaigns, keywords, Google analytics data, session IDs, Client IDs, device data, and other identifying information. Sales data was also exposed in a “Master Mailing List” with direct physical names, addresses, Salesforce IDs, phone numbers, and references to where the leads came from for customers and prospects. Internal Cronin employee usernames, emails, and hashed passwords, and some unspecified PII and financial data were also exposed.

Individual Impact: Reports of this breach include mention of exposed employee financial data and PIIbut no details were available as of press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Information security is challenging enough without the complications of sloppy and dangerous mistakes like this.

Source: Website Planet