Massive database exposed to public access

07.06.2022

Back to news

Another cyber security incident, related to data leak took place recently. Big amount of users’ data, gathered and proceeded by ACY Securities, was exposed to public access. It seems, that this happened due to a misconfigured database. 
The peculiarity of this incident is that  60GB of data  was left exposed without any security authentication. This means, that very wide range of intruders may had got access to the database. The exposed database contained the following user data: full name / postcode / full address / date of birth / name of city / gender details / email address / phone number / hashed password / trading-related information like business details.

Consequences of this massive data leak in the future, as usual, may be quite negative. Among them identity theft, phishing, scam marketing campaigns and others.

It should finally become obvious for everyone, that it’s prohibitively to be careless in the process of data handling. Nowadays, it has become crucial to motivate any kind of personal  data operator to ensure safety of collected data and train employees in order to increase their competenences in the information security sphere. In order to do it, you may refer to the article in our blog. Also we recommend not to neglect using special security tools, which help to identify existing risks. Thus, for example, SIEM- system would have alarmed in case data was stored with violation of security policies.