DigitalOcean Accidentally Leaks Customer Data
DigitalOcean, a popular web-hosting platform, has started informing customers about a data leak that “unintentionally” exposed personally identifiable information online.
According to a notification sent to DigitalOcean users, the incident is linked to a 2018 company-owned document that was publicly available for viewing without requiring any authentication.
“This document contained your email address and/or account name (the name you gave your account at sign-up) as well as some data about your account that may have included Droplet count, bandwidth usage, some support or sales communications notes, and the amount you paid during 2018,” the letter reads. An investigation by the provider”s security team found the internal document was “accessed at least 15 times” before it was taken down.
You can also check if your private data has been exposed online! Use Bitdefender”s Digital Identity Protection tool to see where you stand at the moment and what the internet knows about you.
No official statement was released, but company officials have commented on the incident, saying that “there was no malicious access to that document” and “less than 1% of our customer base was impacted.”
“The only PII included in the file was account name and email address,” the company added. “This was not related to a malicious act to access our systems.”
DigitalOcean takes full responsibility for the data leak, and promises to undergo extensive employee training for assuring customer data protection and preventing future incidents.
The notification letter also reassures users that “your Droplets and other systems you run on our platform have not been impacted by this mistake, we are committed to being transparent anytime we feel your data has been used in a way that does not align with our values.”
While there is no indication of foul play or a targeted attack, changing your account password and enabling two-factor authentication is never a bad idea. Companies should start focusing on protecting customer data, regardless of the type of information they handle. Even with limited information, bad actors can still formulate phishing campaigns to steal additional information or financial details.
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight
April 15, 2022
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users
April 14, 2022
Why and how to hide your IP address while traveling
April 13, 2022
How Bitdefender Can Help Restore Your Privacy in the Digital Age
April 04, 2022
How Strong is VPN Encryption?
February 28, 2022
Top Three Ways Internet Users Unknowingly Help Cybercriminals
February 25, 2022