Exploit: Unauthorized database access
Storenvy: Online retailer
Risk to Small Business: 2.281 = Severe
Hackers gained access to a company database containing customer information. This database was subsequently downloaded and posted online as a free resource. Making matters worse, the database contained plaintext passwords and other personal data that can quickly be used by bad actors to execute cybercrimes ranging from spear phishing scams to malware attacks. This is the company’s second data breach in two years, undermining its credibility at a critical time. Online shopping is experiencing a boon because of the COVID-19 pandemic, but customers are increasingly unwilling to do business with platforms that can’t protect their information.
Individual Risk: 2.779 = Moderate
The compromised data includes shoppers’ account passwords, order details, and payment methods. However, shipping and card information were not impacted. Victims should immediately update their account passwords, and they need to be mindful that the compromised data could be used against them in future cyberattacks.
Customers Impacted: 1,500,000
How it Could Affect Your Customers’ Business:Both now and in the future, online retail is becoming the preferred shopping experience. This is a significant opportunity for many companies, enabling them to reach a bigger and broader audience than ever before. Unfortunately, for companies that can’t protect their platforms, many customers will take their business elsewhere.
Source: https://www.hackread.com/e-commerce-firm-storenvy-hacked-accounts-leaked