WeWork's WiFi network is leaking sensitive user information
infosec

WeWork's WiFi network is leaking sensitive user information

WeWork WiFi vulnerabilities in the Manhattan-based company building which exposed sensitive company data, ...
Read More
infosec

Microsoft: The biggest risk for businesses is cyberattacks

According to a survey by Marsh and Microsoft, the biggest threat to businesses is cyberattacks. Nowadays,...
Read More
infosec

How to fix iOS 13 bugs in iPhone Mail app

If you have upgraded to iOS 13, then you may have discovered that the Mail app behaves a bit weird, which is ...
Read More
infosec

Check if your folders have malware with Windows Defender!

Windows comes with a free antivirus program, called Windows Defender, that offers continuous protection as well as the ability to ...
Read More
infosec

TalkTalk hackers have also invaded EtherDelta

US authorities accuse two suspects of hacking EtherDelta (cryptocurrency exchange company) in December ...
Read More
Latest Posts

Yves Rocher: 2,5 million French House customer data in hacker hands!

Yves Rocher has been the victim of personal data leaks because of her hacking attack on the French consulting firm, Aliznet. Personal information belonging to customers of companies that cooperate with the French company Aliznet, including cosmetics giant 2,5 million customers Yves Rocher found in the hands of hackers.

The Paris-based consulting firm has previously served IBM, Salesforce, Sephora, Louboutin and Inwi. Note that most sensitive data belong to Canadian Yves Rocher customers.

Yves Rocher

The exposed database was discovered by vpnMentor on an unprotected Elasticsearch server after researchers working for VPN review site discovered an unprotected API interface for an Aliznet application created by Yves Rocher. The researchers said that the API gave them access to an explorer they were using hackers could use to add, delete, or modify data in the company's database.

Along with customer names, phone numbers, emails, date of birth, and postal codes, the files included customer IDs, which could be used in conjunction with Yves Rocher's six million older customer orders. to identify further customers based on their markets. The records also include the names of the employees who processed each order and the location of the store.

The researchers said that the leaks client files could be exploited by hackers to execute phishing schemes, attacks ransomware and bypass the identity of two factors. His criminals cyberspace they could also gather information to commit fraud credit cards and identity theft.

The leaked data also showed the traffic store, turnover, order volumes, product prices and promotional codes, along with Aliznet corporate information, including job postings and employee profiles.

The researchers added that the breach may be the beginning of evil and that there may be other non-breaches. safe databases and applications owned by other Aliznet customers. It is not known if hackers managed to access the data or use it for malicious purposes.

How useful was this post?

Average rating / 5. Vote count:

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by
Hack Unamatata

About Hack Unamatata

Take great photos, someone is stalking you

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *