https://www.websiteplanet.com/blog/cronin-leak-report/
Exploit: Misconfiguration
Cronin: Digital Marketing Firm
Risk to Business: 1.917 = Severe Researchers discovered a non-password-protected database that contained 92 million records belonging to the digital marketing firm Cronin last week. The exposed server was named “Cronin-Main” and many of the records contained references to Cronin. Exposed client records include internal logging of client advertisement campaigns, keywords, Google analytics data, session IDs, Client IDs, device data and other identifying information. Sales data was also exposed in a “Master Mailing List” with direct physical names, addresses, Salesforce IDs, phone numbers, and references to where the leads came from for customers and prospects. Internal Cronin employee usernames, emails, and hashed passwords and some unspecified PII and financial data were also exposed.
Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business : Information security is challenging enough without the complications of sloppy and dangerous mistakes like this.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
