Eversource Energy, based in New England, Mass., says an unsecured cloud storage server allowed a data breach that left the personal information of 11,000 of the company’s customers in eastern Massachusetts accessible to potential threat actors, BleepingComputer reports.
The company issued a data breach notification to affected customers, telling them that their name, address, phone number and social security number were among the information exposed in the breach, and offered an identity monitoring service provided by Cyberscout free for one year.
In a frequently asked questions document, the company explained that a security review on March 16 uncovered a cloud data storage folder that was incorrectly configured to allow anybody access to its contents, which were unencrypted files with the customers’ personal information, created in August 2019. The company said it immediately secured the data and launched an investigation and stated that currently it has not found signs of the data being accessed by unauthorized individuals.
The company issued a data breach notification to affected customers, telling them that their name, address, phone number and social security number were among the information exposed in the breach, and offered an identity monitoring service provided by Cyberscout free for one year.
In a frequently asked questions document, the company explained that a security review on March 16 uncovered a cloud data storage folder that was incorrectly configured to allow anybody access to its contents, which were unencrypted files with the customers’ personal information, created in August 2019. The company said it immediately secured the data and launched an investigation and stated that currently it has not found signs of the data being accessed by unauthorized individuals.
