Exploit: Misconfiguration
21 Buttons: Fashion Social Network
Risk to Small Business: 1.511 = Severe
A misconfigured AWS bucket has led to the exposure of personal data for hundreds of influencers and fashion industry fans after security researchers discovered a gaping hole in the platform. The app, which has been downloaded more than 5 million times, allows users to trade and share content as well as enabling e-commerce. This security issue wasn’t fixed for at least a month, exposing the personal and financial data of the platform’s users to anyone who cared to see it.
Individual Risk: 1.762 = Severe
Over 50 million files were available and exposed in this incident including payment data for influencers, company invoices, users’ full names and addresses, financial information such as bank account numbers, PayPal email addresses, photos, and videos.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This kind of information is valuable, and cybercriminals know that they can make a pretty penny on it in the booming Dark Web data markets.
Source:
https://www.hackread.com/fashion-marketplace-21-buttons-expose-users-data