Mid-February saw the data breaches and leaks flow yet again, as reported by Webroot on its regular cyber news blog.
Cosmetics firm Estée Lauder was found to have a unsecured database containing over 440 million pieces of sensitive company information. The company itself was unsure how long these records had been exposed.
The good news? “Estée Lauder was able to properly secure the database on the same day the initial researcher contacted them,” according to Webroot threat research analyst Connor Madsen.
The month also saw a Danish government data leak expose the ID numbers of around 1.3 million citizens who had used its tax portal in the last five years. The government has resolved the leak – but the bug itself displayed tax portal user ID numbers in the URL, analysed by both Google and Adobe.
“Fortunately, no additional tax or other personal information was divulged in the leak, which the government was quick to resolve,” noted Madsen.
Music platform SoundCloud was also found with vulnerabilities in its API. Read Madsen’s other cyber news bites.
Carbonite, Webroot’s parent company, was acquired by OpenText in December.
