News and Updates on Information Technology

McDonald’s in the UK leaks password for Monopoly VIP database to winners

Exploit: Misconfiguration

McDonald’s: Fast Food Chain

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.917 = Severe

The popular “Monopoly” game is back at McDonald’s in the UK, and winners received a surprise when the login names and passwords for the game’s database were made available to all winners. A Misconfiguration caused automated emails that went out to prize winners to contain the relevant usernames and passwords for both the production and staging database servers, allowing anyone to access the information. The missent information also included sensitive back-end info like hostnames for Azure SQL databases.

Individual Impact: The company contends that no customer inforation was compromised.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business Human error will always be the biggest enemy of cybersecurity. Ensure that mistakes like this don’t happen by making sure everone knows that they’re responsible for security and not just the IT team.

Source: Bleeping Computer