Hobby Lobby, American Craft Giant, Buy thousands of looted ancient relics According to security, modern Iraq has released a large amount of data online, including customer names, phone numbers, addresses, addresses, last four digits of payment cards, and source code for company apps. researcher.
An independent pseudonym security researcher known as “Boogeyman” who discovered the leak told the motherboard in an online chat. The data was up to 2020, affecting more than 300,000 users, totaling about 138GB in size.
Boogeyman provided multiple screenshots of the data to the motherboard for verification purposes. These images show that the information is hosted in an open AWS bucket. This is a common source of inadvertently published data. The data also includes the names and email addresses of Hobby Lobby employees, Boogeyman added.
“We have identified the relevant access controls and took steps to protect the system,” Hobby Lobby emailed to the motherboard. Boogeyman said he had previously tried to warn Hobby Lobby about the issue but did not respond.
It’s unclear if Hobby Lobby will notify influential users.
Hobby lobby Was the driving force Behind the 2014 Supreme Court ruling, the government could not force employers to provide contraceptive insurance if they violated the employer’s religious beliefs, and women could use pills and other contraceptives. Has radically changed the way you get. Hobby Lobby owners have set up the Bible Museum in Washington, DC.
Hobby lobby Suing Christie’s at auction house For selling antiques that authorities later said they had looted.
Comments on the news Javvad Malik, Defender of Security Awareness in KnowBe4: “Many organizations rely on cloud storage products such as AWS buckets. However, security is always the responsibility of the user, regardless of what the cloud provider is doing. This is personal information. It also includes making sure that the settings are applied correctly so that is not accidentally published.
Fixing these issues does not require much technical knowledge as the features are built into the platform. What is needed is a culture of security. Introduce a process to correctly identify the data that needs to be secured and deploy the appropriate controls to verify that it is working as expected. “
Hobby Lobby Releases 138GB of Data
Source link Hobby Lobby Releases 138GB of Data