https://threatpost.com/hobby-lobby-customer-data-cloud-misconfiguration/164980/
Exploit: Misconfiguration
Hobby Lobby: Craft Supply Retailer
Risk to Small Business: 1.662= Severe Hobby Lobby made a blunder that was discovered this week. Researchers came across an Amazon Web Services (AWS) cloud database belonging to the controversial retailer that was misconfigured to be publicly accessible exposing 138GB of sensitive information
Individual Risk: 1.707 = Severe Exposed data includes customer names, partial payment card details, phone numbers, physical and email addresses along with source code for the company’s app, and employee names and email addresses. This information can be used for spear phishing and identity theft.
Customers Impacted: 300,000
How it Could Affect Your Customers’ Business: Making simple, avoidable blunders like this doesn’t fill your customers with confidence that you’re taking information privacy seriously.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
