You know what isn’t a good look for a data management software company? A massive mismanagement of your own customer data.
Veeam, a backup and data recovery company, bills itself as a data giant that among other things can “anticipate need and meet demand, and move securely across multi-cloud infrastructures,” but is believed to have mislaid its own database of customer records.
Security researcher Bob Diachenko found an exposed database containing more than 200 gigabytes of customer records, mostly names, email addresses, and in some cases IP addresses. That might not seem like much but that data would be a goldmine for spammers or bad actors conducting phishing attacks.
Diachenko, who blogged about his latest find, the database didn’t have a password and could be accessed by anyone knowing where to look.
Source: Veeam Server Lapse Leaks Over 440 Million Email Addresses | TechCrunch