Comments On Online Retailer Leaks Data On 1.6 Billion Shoppers

By   ISBuzz Team
Writer , Information Security Buzz | Dec 19, 2019 03:40 am PST

It has been reported that an unsecured database operated by the online retailer LightInTheBox left 1.3TB of data containing 1.6 billion shopper records exposed for a three-month period this year. In what the breach discovers VPNMentor described as a major lapse in LighInTheBox’s data security and potentially devastating to the victims exposing them to not only a cyberattack but potentially a physical confrontation as the data included enough clues to allow a malicious actor to discover their home address.

Notify of
2 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Javvad Malik
Javvad Malik , Security Awareness Advocate
December 19, 2019 3:38 pm

Cloud storage and databases make it very easy and convenient for companies to upload and store large quantities of data. But with great storage comes great responsibility – and users of such services need to familiarise themselves with the security settings to ensure these databases are adequately secured. This should be complemented with regular assurance tests to ensure settings have not changed, as well as monitoring controls that cans alert where there is unauthorised access or unusual activity.

Until companies embed security through their staff and processes we will continue to see errors in technology that will lead to such large breaches.

Last edited 4 years ago by Javvad Malik
Tim Erlin
Tim Erlin , VP of Product Management and Strategy
December 19, 2019 11:42 am

Not all breaches are the result of a malicious actor. A misconfiguration can be just as impactful as a successful attack.

Organizations must monitor their environments for misconfigured systems that expose sensitive data, and they must do so continuously. Misconfigurations that used to stay hidden behind layers of network defenses are increasingly being exposed to the Internet directly, causing a rise in exposed data.

Last edited 4 years ago by Tim Erlin

Recent Posts

Would love your thoughts, please comment.x