Veeam, a popular backup and disaster recovery software company, has recently blundered and exposed 445 million customer records which include name, email addresses, countries, customer’s company sizes, and some IP addresses. This stems from a configuration issue that left their AWS hosted 200Gb MongoDb database, “open and defenseless”. This was first discovered by a former security researcher, Bob Diachenko, last Tuesday (Sept. 11, 2018). After Veeam was notified by TechCrunch of the exposure, the server was brought offline within 3 hours to secure the database. Veeam spokesperson Heidi Kroft commented stating that,
“We will continue to conduct a deeper investigation and we will take appropriate actions based on our findings.”
While the information exposed isn’t enough for outright exploits it does arm malicious individuals and other “bad actors” with relevant information for targeted phishing and spam attacks.
Was My Data Exposed?
Here is a nice website where you can see if your email address was involved in any exploits or hacks. This will tell you if your information was made public.