A Misconfigured Folder!
Companies often fall in the trap of exposing their unencrypted databases online. This may not be realized until someone scrapes the important details out of it, and starts selling it to someone else. One such incident is the case of Frost and Sullivan’s, a fairly popular business consulting services firm. It’s assists clients in market research, corporate training, growth strategy, etc, and is having 1,800 employees working across 40 countries. Cyble, a cybersecurity firm reported that one of the back-up folders belonging to the firm was unsecured and exposed online, that contained company information and databases. It was found by KelvinSecurity Team while doing a daily monitoring routine. The group is now selling the discovered database in a hacker forum. The seller is more of an attention seeker rather than an adversary. The KelvinSecurity Team in a chat with BleepingComputer said, The seller claims that they haven’t sold the database to anyone yet, and are waiting to be contacted by Frost and Sullivan. The database in the deal has two sets of information, employees and customers. While the customers’ database has client name, email address, and the company contact, the employees’ database has first and last names, login names, email addresses, and hashed passwords. Via: BleepingComputer
