As we near the holiday shopping season, stories like these make home crafting with recycled goods so much more appealing! T-shirt quilts anyone?
So, another MongoDB mishap leads to customers' data being compromised, not just by ransomware group CRU3LTY, but potentially --- and certainly other cyber criminals.
Customer data exposed includes names, emails, mailing addresses and the last four digits of credit card numbers. Incidentally, 500 of the email addresses are from .gov or .mil domains. It's pretty clear to see how with a bit of extra work, hackers could access more information and do some real damage to some unsuspecting consumers.
When are companies going to prioritize protecting their most valuable asset: data? Start taking precautions now with full security audits and a proactive approach to threat intelligence with real-time exposure notifications from leaks and hacks.
Tarte appears to have managed its customer information with open-source database MongoDB, a popular target for ransomware attacks. Older versions of MongoDB didn’t require a password by default, and databases were sometimes accidentally set up without a password. Although this insecure default isn’t in the latest MongoDB version, there are lots of older databases online that are easy targets for cyber criminals.
Diachenko cautioned that it’s difficult to determine exactly who exposed the data—it’s possible that the exposure could be attributed to a payment processing contractor, or a third-party retailer. However, after Kromtech notified Tarte of the exposures, they were taken offline. “The database names (‘tartecosmetics’ and ‘tartecosmetics_loopback’), the content of the files and description of goods, internal notes, credit notes—all this points to Tarte as being one of the potential owners, if not the database itself, but the data.”