A misconfigured Amazon Web Server is to blame for the exposure of information from tens of thousands of customers from PayMyTab, a company that works with restaurants to provide mobile and card terminals. The exposure was discovered after security researchers received a tip and verified the that the information was exposed on the Internet.
This latest cyber incident illustrates how security issues can extend to businesses’ supply chain. In this case, the personal information of restaurant customers was exposed through PayMyTab’s unsecured AWS bucket. Having the correct security measures in place could have prevented this from occurring.When a business relationship is formed, security – a major form of risk – must be taken into consideration. For this reason, businesses must vet their partners from a security perspective, checking their security posture, practices and procedures. They should then work with the partner to close any gaps prior to onboarding. Once onboarded, the companies must continue to monitor their partners to avoid any future mishap, as security must be seen as an ongoing process.