Exploit: Misconfiguration
Melijoe: Luxury Children’s Clothier
Risk to Business: 2.771=Moderate
An Amazon S3 bucket that belonged to French kids’ fashion retailer Melijoe was left accessible on the web with no authentication controls in place, exposing the sensitive and personal data of potentially hundreds of thousands of customers. The bucket has exposed almost 2 million files, totaling around 200 GB of data, including wish lists, purchases, preferences and other customer data.
Risk to Individual: 2.822=Moderate
The Preferences dataset exposed forms of customer PII and sensitive customer data, including email addresses, names of children, genders, dates of birth, preferences of brands. Other datasets included SKUs of purchased items, payment type (but not payment card or bank information), order dates and delivery preferences.
How it Could Affect Your Customers’ Business Cybercriminals are always hunting for personal data, and Retail has been one of the hardest-hit sectors in terms of data breaches.
Source: Safety Detectives