Cloud Security, Data Security, Privacy

Over 198GB of BuyGoods.com data exposed by misconfigured database

Global e-commerce market and business management platform BuyGoods.com has exposed 198.3GB of sensitive data from a misconfigured cloud database, according to Hackread. Over 260,000 records were included in the data leak, including BuyGoods.com affiliate payouts, invoices, accounting records, and refund transactions, as well as personally identifiable information and Know Your Customer Data from the retailer's customers and affiliates around the world, a report by cybersecurity researcher Jeremiah Fowler published on WebsitePlanet showed. Such customer data included personal identification cards, passports, licenses, and selfies, as well as their credit card details that were not redacted. After being notified regarding the misconfigured database, BuyGoods.com confirmed that it had already resolved the concern and diverted PII. However, Fowler said that the database remained accessible online before being closed off. Organizations have been urged to ensure database security through regular audits, limited user access privileges, robust authentication and access controls, data encryption, regular software patches and updates, automated configuration management tools, and proper employee education.

An In-Depth Guide to Cloud Security

Get essential knowledge and practical strategies to fortify your cloud security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds