Felipe Demartini reports (translation):
A serious security breach exposed the information of, it is believed, all customers of the iugu services company, which operates in Brazil through financial management and automation systems. Users’ personal, banking and transaction data was available on an unprotected server for at least an hour.
The discovery is by security expert and consultant Bob Diachenko, who, through Twitter , reveals a very serious incident.
Read more on Canaltech. But was it really a serious incident or was it a potentially serious incident? It doesn’t sound like anyone other than the whitehat researcher accessed the data while it was unintentionally exposed for two hours.
h/t, @Chum1ng0