Expert Commentary: Moda Operandi Exposed Personal And Order Details Of Its Customers

By   ISBuzz Team
Writer , Information Security Buzz | Oct 09, 2020 05:54 am PST

Researchers today revealed that a misconfigured cloud database has potentially exposed the customers of luxurious women’s fashion store Moda Operandi to phishing and fraud. The 25GB-sized unprotected Elasticsearch cluster contains production logs filled with personal and order information which appear to be part of Moda Operandi’s event logging environment. The exposed information includes names, addresses, phone numbers, and emails. Researchers suggest that all US and Canada-based customers who purchased online at Moda Operandi during that time are in the risk zone.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Pravin Rasiah
Pravin Rasiah , VP of Product
October 9, 2020 1:53 pm

When data leaks occur, it is often the result of a lack of awareness within the cloud environment. Without proper visibility into deployments, any change or update in policy could impact security and result in a devastating breach putting customer information at risk. To prevent misconfigurations in the cloud, a comprehensive view of the cloud environment is critical. Businesses should enforce security guardrails via policies that can prevent or remediate issues in real-time, significantly minimizing the attack surface. With proactive security and governance policies in place, businesses can have confidence that changes in resources will not affect the security of their sensitive data.

Last edited 3 years ago by Pravin Rasiah

Recent Posts

Would love your thoughts, please comment.x