Exploit: Unsecured Database
Friendemic: Marketing Firm
Risk to Business: 2.227 = Severe Digital marketing firm Friendemic committed a classic blunder that led to a nasty data breach. An unsecured Amazon S3 bucket resulted in the exposure of 2.7 million records including full names, phone numbers, and email addresses, alongside 16 OAuth tokens stored in plaintext. The company noted that the information was not current customer data and the OAuth tokens were not currently in use.
Individual Risk: No individual information was reported as compromised in this incident, although the potential is there. No details about the uncovered data are available.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Failing to secure a database, even an old one, shows a basic lack of attention to cybersecurity best practices, and that doesn’t build customer confidence.
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.