Exploit: Accidental data sharing
Inventory Hub: Property Management Inventory Platform 

Risk to Small Business: 2.209 = Severe

A recently unearthed flaw in the security of this property management platform made members’ names and addresses, internal and external property images, inventories of each property’s contents, and information about physical security including photos of alarms, cameras, and locks available for an indeterminate amount of time. According to the researcher who discovered the vulnerability, the opening allowed would-be burglars to access exact layouts of all the listed properties, plus inventories of the contents, and user records back to 2017.  

Individual Risk: 2.607 = Moderate

User information including names, physical addresses, and lists of contents for properties listed on the platform since 2017 were compromised. Users should remain on guard for potential spear phishing attacks using these details.

Customers Impacted: 8,871

How it Could Affect Your Customers’ Business: Data breaches that leak personal information can be dangerous and lead to other types of criminal activity. Users of a service like Data Hive expect that even their most basic personal information will be kept safe when they choose a partner company, and increasingly reject service providers that fail them.  

Source:
https://portswigger.net/daily-swig/flaw-in-property-inventory-website-exposed-thousands-of-users-home-contents