News and Updates on Information Technology

United States – Hobby Lobby

Exploit: Misconfiguration
Hobby Lobby: Craft Supply Retailer

Risk to Small Business: 1.662 = Severe

Hobby Lobby made a blunder that was discovered this week. Researchers came across an Amazon Web Services (AWS) cloud database belonging to the controversial retailer that was misconfigured to be publicly accessible exposing 138GB of sensitive information..

Individual Risk: 1.707 = Severe

Exposed data includes customer names, partial payment card details, phone numbers, physical and email addresses along with source code for the company’s app, and employee names and email addresses. This information can be used for spear phishing and identity theft.

Customers Impacted: 300,000

How it Could Affect Your Customers’ Business: Making simple, avoidable blunders like this doesn’t fill your customers with confidence that you’re taking information privacy seriously.