CyberNews Briefs

Office Depot Configuration Error Exposes One Million Records

Researchers have found a misconfigured Easticsearch server belonging to Office Depot, a popular office supplies store chain. One million customers’ personal information was exposed on the misconfigured server, according to researchers. The database was not protected by a password and was initially found by a Website Planet team on March 3. The researchers then traced the database back to Office Depot Europe.

The information exposed in the leak includes phone numbers, home and office addresses, email addresses, marketplace logs, order histories, and hashed passwords. This data could be leveraged by cybercriminals to perform convincing phishing attacks. Although Office Depot secured the database within hours of being notified, the Elasticsearch server may have been left exposed for up to 10 days, allowing plenty of time for criminals to access it.

Read More: Office Depot Configuration Error Exposes One Million Records

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.