Exposed data belonged to Friendemic and included full names, email addresses, and contact numbers of its customers.
The dangers of unprotected Amazon S3 buckets are well documented. Yet another firm made the mistake of improper cloud configuration and exposed nearly 3 million customers’ data.
On Sep 12, 2020, Comparitech researcher and security expert Aaron Phillips discovered a publicly accessible database containing personally identifiable information (PII) of approx. 2.7 million consumers of a US-based digital marketing services provider Friendemic.
See: Data on 38 million+ US citizens leaked in database mess up
Exposed data include names, email IDs, and phone numbers of Friendemic customers in the US. The unencrypted database was accessible publicly since it wasn’t password-protected, and no authentication process was involved in accessing it.
Screenshot of the leaked data (Credit: Comparitech)
Founded in 2020, Friendemic is a customer management and digital marketing firm that mainly deals in car dealerships. It offers services like social media advertising, online reviews, sales analytics, video sharing, etc.
Friendemic has confirmed the incident and claims that the database was an archive backup. However, the company promptly secured the data after Comparitech notified it about the exposure. After securing the database, Friendemic released an official statement through email, that read:
“While no company ever wants something like this to happen, we are glad to have the vulnerability fixed. Thank you for notifying us and acting professionally. We have also notified our clients of the situation and have been doing a thorough ..
Support the originator by clicking the read the rest link below.
