Exploit: Unsecured Database
View Media: Online Marketing Firm
Risk to Small Business: 2.201 = Severe A publicly accessible Amazon Web Services (AWS) server that belongs to View Media was discovered by cybersecurity researchers, overflowing with more than 38 million US user records, including their full names, email and street addresses, phone numbers, and ZIP codes. The data included 700 statement of work documents for targeted email and direct mail advertising campaigns stored in PDF files, and 59 CSV and XLS files that contained 38,765,297 records of US citizens in total, of which 23,511,441 records were unique. The bucket also contained thousands of files for various marketing materials, such as banner advertisements, newsletters, and promotional flyers sorted by locations and ZIP codes that the marketing company’s campaigns targeted.
Individual Risk: 2.919 = Moderate While this is a huge trove of information, no financial or protected personal information was involved, although this information will make its way into Dark Web data dumps.
Customers Impacted: 38 million +
How it Could Affect Your Customers’ Business: Failing to undertake a simple bit of maintenance like this doesn’t look good in front of potential partners, who may become concerned that your business is a third party security risk and reconsider hiring you.
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.