Exploit: Unsecured Database
Descartes Aljex Software: Shipping Software Developer
Risk to Small Business: 1.726 = Severe
An unsecured database is always trouble as Descartes Aljex Software discovered this week. 103 GB worth of data belonging to the New Jersey-based company was discovered by researchers after it was left exposed on a misconfigured AWS S3 Bucket. The exposed data contained corporate, client and employee information.
Individual Risk: 1.667 = Severe
An unsecured database is always trouble as Aljex clients’ account data that was exposed included full names, phone numbers, email addresses, Aljex usernames, and plaintext passwords. Carrier information, their full names and email addresses as well as their house addresses and phone numbers were compromised. Client shipment details, shipment information, recipient’s consignee name, shipment origin and destination, addresses, and phone numbers were included in the data that was exposed. Sales representative details were also exposed including full names, corporate emails, Aljex usernames, and sales representative IDs
Customers Impacted: 4,000
How it Could Affect Your Customers’ Business: Third-party and supply chain risk is growing more dangerous for businesses as the ripple effect of breaches like this fuels cybercrime. Take precautions now to avoid headaches later.