Kate Conger and Dell Cameron report:
Tarte Cosmetics, a cruelty-free cosmetics brand carried by major retailers like Sephora and Ulta, exposed the personal information of nearly two million customers in two unsecured online databases.
The databases were publicly accessible and included customer names, email addresses, mailing addresses, and the last four digits of credit card numbers, according to the Kromtech Security Center, the firm that discovered the exposed data.
Read more on Gizmodo.