Exploit: Misconfiguration
The Telegraph: News Organization
Risk to Business: 2.122=Severe
UK news giant The Telegraph is in hot water after researchers discovered an unsecured database that exposed an enormous amount of information, an estimated 10 TB of data. Much of the data appears to apply to Apple News customers. The researcher who discovered it noted that at least 1,200 unencrypted contacts were accessible without a password. The Telegraph announced that it quickly secured the database as soon as it was informed of the issue, which impacted less than 0.1% of its subscribers.
Risk to Business: 2.801=Moderate
The exposed information includes internal logs, full subscriber names, email addresses, device info, URL requests, IP addresses, authentication tokens and unique reader identifiers, mostly for users who accessed The Telegraph through Apple News.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business It pays to make sure that companies are building a strong security culture to discourage neglectful practices.
Source: Bleeping Computer