Security researchers have discovered a huge data breach involving a web hosting firm, which may have threatened the privacy of some 63 million individuals. Security researcher Jeremiah Fowler, in collaboration with Secure Thoughts, discovered that an unsecured database hosted by US firm Cloud Clusters had potentially compromised usernames and passwords connected with Magento, WordPress and MySQL.
The exposed database contained records concerning data backups, monitoring, error logging, and more, with emails and passwords displayed in plain text.
After discovering the breach, Fowler notified Cloud Clusters, which eventually acknowledged the vulnerability before restricting public access. It is not known, however, if the firm informed relevant customers that their credentials could have been compromised.
“It is unclear how long these records were exposed or who else may have had access to this data,” Fowler explained. “As a security researcher, I never circumvent or bypass password-protected assets. These records were publicly accessible and no hacking was necessary to see 63.7 million records. If a cybercriminal had access to this information it could potentially compromise those sites and e-commerce accounts.”
Still at risk?
Magento is an e-commerce platform, while WordPress is a popular website management system. Users of these platforms could now be at risk of account hacking or of being targeted by spear-phishing attempts. In total, 63,747,966 records were exposed.
Poor log monitoring is often blamed for exposing sensitive data, as logs are not considered a core asset. Logs can still contain important data, however, including login attempts, critical transactions, IP addresses and usernames.
Although the security issue has now been patched, it might be a good idea for Cloud Clusters to notify customers who may have been compromised, so they can be on guard against follow-up attacks.