Expert Commentary: Moda Operandi Exposed Personal And Order Details Of Its Customers

Researchers today revealed that a misconfigured cloud database has potentially exposed the customers of luxurious women’s fashion store Moda Operandi to phishing and fraud. The 25GB-sized unprotected Elasticsearch cluster contains production logs filled with personal and order information which appear to be part of Moda Operandi’s event logging environment. The exposed information includes names, addresses, phone numbers, and emails. Researchers suggest that all US and Canada-based customers who purchased online at Moda Operandi during that time are in the risk zone.

Experts Comments

October 09, 2020
Pravin Rasiah
VP of Product
CloudSphere
When data leaks occur, it is often the result of a lack of awareness within the cloud environment. Without proper visibility into deployments, any change or update in policy could impact security and result in a devastating breach putting customer information at risk. To prevent misconfigurations in the cloud, a comprehensive view of the cloud environment is critical. Businesses should enforce security guardrails via policies that can prevent or remediate issues in real-time, significantly.....Read More
When data leaks occur, it is often the result of a lack of awareness within the cloud environment. Without proper visibility into deployments, any change or update in policy could impact security and result in a devastating breach putting customer information at risk. To prevent misconfigurations in the cloud, a comprehensive view of the cloud environment is critical. Businesses should enforce security guardrails via policies that can prevent or remediate issues in real-time, significantly minimizing the attack surface. With proactive security and governance policies in place, businesses can have confidence that changes in resources will not affect the security of their sensitive data.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.