Wegmans Exposes Customer Data in Misconfigured Databases
#1
Information 
Quote:Wegmans Food Markets, the U.S. supermarket chain, has notified customers that some of their data was exposed because two of its cloud-based databases were misconfigured, making them publicly accessible online.

In a publicly posted breach notification letter, Wegmans said that the issue was first brought to the company’s attention when a third-party security researcher pointed out the configuration problem. Then, “on or about” April 19, Wegmans confirmed the issue.
 
It’s not clear whether April 19 is when the issue was reported to Wegmans, when the databases were left open to public access, or whether that’s just when Wegmans confirmed that they were exposed. Likewise, it’s not clear whether or not customers’ data was left in open databases months or even years before it was reported and/or confirmed. Threatpost has contacted Wegmans for clarification.
 
“We recently became aware that, due to a previously undiscovered configuration issue, two of our cloud databases, which are used for business purposes and are meant to be kept internal to Wegmans, were inadvertently left open to potential outside access,” the letter stated.
 
The databases contained customer information including names, addresses, phone numbers, birth dates, Shoppers Club numbers, as well as e-mail addresses and passwords for access to Wegmans.com accounts. The company added that all of the affected account passwords were salted and hashed, meaning that the actual passwords were obscured, not viewable in the databases.

Read more: Wegmans Exposes Customer Data in Misconfigured Databases | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
uBOLite_2024.12.23.23
uBOLite_2024.12.23...harlan4096 — 10:29
You found a seed phrase from someone els...
Scammers have inve...harlan4096 — 09:58
Google files remedies proposal in DOJ's ...
The U.S. Departmen...harlan4096 — 09:48
PowerToys 0.87.1
PowerToys 0.87.1 ...harlan4096 — 09:46
GFYI [Official] EaseUS Christmas 2024 B...
Merry Christmas and ...zevish — 08:07

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>