DigitalOcean, one of the biggest modern web hosting platforms, was recently hit by a concerning data leak incident that exposed some of its customers’ data to unknown and unauthorized third parties.
Though the hosting company has not yet publicly released a statement, it has started warning affected customers of the scope of the breach via email.
According to the breach notification email that affected customers received, the data leak happened through negligence: DigitalOcean ‘unintentionally’ left an internal document accessible from the Internet without requiring any password.
“This document contained your email address and/or account name (the name you gave your account at sign-up) as well as some data about your account that may have included Droplet count, bandwidth usage, some support or sales communications notes, and the amount you paid during 2018,” the company said in the warning email as shown below.
Upon discovery, a quick forensic investigation revealed that the exposed file containing customers’ data had been accessed by unauthorized third parties at least 15 times before the document was finally taken down.
“Our community is built on trust, so we are taking steps to make sure this doesn’t happen again. We will be educating our employees on protecting customer data, establishing new procedures to alert us of potential exposures in a more timely manner, and making configuration changes to prevent future data exposure,” the company added.
To be noted, this specific breach neither indicates that the DigitalOcean website was compromised, nor that customers’ login credentials were leaked to the attackers.
So, if you have an account with the hosting service, you don’t have to rush into changing your password. However, the service also offers two-factor authentication, which every user must enable to add an extra layer of security to their account.
“We had a document that was discovered to be shared publicly and while we feel confident there was no malicious access to that document, we informed our customers regardless for transparency. Less than 1% of our customer base was impacted, and the only PII included in the file was account name and email address.
“This was not related to a malicious act to access our systems. Our customers trust us with their data and we believe that an unintended use of that data, no matter how small, is reason enough to be transparent.”
The information is gathered from The Hacker News.