Walmart jewelry partner exposed 1.3 million customer details

Bob Diachenko writes:

On February 6^th, 2018 researchers at Kromtech security came across another publicly accessible Amazon s3 bucket. This one contained a MSSQL database backup, which was found to hold the personal information, including names, addresses, zip codes, phone numbers, e-mail addresses, ip addresses, and, most shockingly, plain text passwords, for shopping accounts of over 1.3 million people (1,314,193 to be exact) throughout the US and Canada.

At first glance the data appeared to belong to Walmart as the storage bucket was named ‘walmartsql‘, but upon further investigation by Kromtech researchers it was discovered that the MSSQL database backup inside actually belonged to MBM Company Inc., a jewelry company based in Chicago, IL, which operates mainly under the name Limogés Jewelry.

Two more entities have folded after ransomware attacks
Inquiry launched after identities of SAS soldiers leaked in fresh data breach
Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K
Government will 'robustly defend' compensation claims from Afghans put at risk by data breach
Missouri Adopts New Data Breach Notice Law
Qantas obtains injunction to prevent hacked data’s release

Related: