News and Updates on Information Technology


Exploit: Third-Party Threat (Misconfiguration)

Wegman’s: Grocery Store Chain

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.227= Severe

East Coast gourmet grocer Wegmans issued a release announcing that a service provider had failed to correctly configure two of its databases, exposing a large quantity of customer data. According to Wegmans, the databases that the contractor maintained contained customer identity and shopping habit information as well as an assortment of client PII. The company says the issue is resolved.

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.776 = Moderate

The release says that customer information exposed in the data breach included names, addresses, phone numbers, birth dates, Shoppers Club numbers, account e-mail addresses and passwords. No Social Security, financial or medical information was stolen and only salted password hashes were stored in the databases maintained by the negligent contractor.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Clients expect a high level of information security from companies that they trust with their personal information and excuses about errors by contractors aren’t going to get businesses off the hook if there’s trouble.

Source: Bleeping Computer