Who left a database of emails, credit cards, plain-text passwords, and more open to the web this week?
Found on The Register on Friday, 07 June 2019
IT gear distributor Tech Data is the latest company to expose an insecure database, jam packed with personal and sensitive information, to the public internet for anyone to rifle through.
Within that database, we're told, was a 264GB cache of information including emails, payment and credit card details, and unencrypted usernames and passwords. Pretty much everything you need to ruin someone's day (or year).
In addition to the login credentials and card information, the researchers said they were able to find private API keys and logs in the database, as well as customer profiles that included full names, job titles, phone numbers, and email and postal addresses.
CC details and plaintext passwords, really now? Haven't any of the similar "accidents" taught the big companies that such information has to be handled in a better way?