Exploit: Unprotected database

SOS Online Backup: Cloud storage provider

Risk to Small Business: 2.472 = Severe

Cybersecurity researchers identified an exposed database containing nearly 70 GB of sensitive data. The database was discovered in November 2019, but it wasn’t examined until December 9, 2019. Although SOS Online Backup was notified of the breach the next day, it took ten days to have the vulnerability secured – and the company waited several months before informing customers of the event. The company has databases around the world, including in the United States and the United Kingdom, and will undoubtedly face intense regulatory scrutiny for the incident.

Individual Risk: 2.630 = Moderate

The exposed database includes users’ personally identifiable information, including names, email addresses, phone numbers, internal company details, and account usernames. This information is often redeployed in spear phishing campaigns that trick unsuspecting recipients into disclosing even more sensitive data. Therefore, victims should carefully monitor their accounts and digital communications for suspicious or unusual messages.

Customers Impacted: 135,000,000

How it Could Affect Your Customers’ Business: Data privacy regulation is the new norm, as countries around the world enact regulations to support the public’s growing desire for online privacy. Consequently, companies that endure a data breach can expect that increased regulatory scrutiny of the way that information is stored will incur substantial financial penalties as well as other negative legal consequences.

Source:
https://www.securitymagazine.com/articles/92042-data-breach-report-cloud-backup-provider-exposes-more-than-135-million-customer-records