"Unsecured Estee Lauder Database Exposed 440 Million Records"

Researchers have discovered an unsecured database belonging to cosmetic giant Estée Lauder, which exposed over 440 million company records. The database, is hosted on the company's Microsoft Azure cloud platform. Since discovering the unsecure database, the company has secured, and password protected the database. It is not clear how long the database was exposed or if anyone accessed any of the data. The researchers discovered the database on January 31st. The unsecured data on the database included: user emails stored in plain text, including internal email addresses from the @estee.com domain; Numerous internal IT logs, including production, audit, error, content management system and middleware reports; References to reports and other internal documents; References to IP address, ports, pathways, and storage used within the company.

Bank Info Security reports: "Unsecured Estee Lauder Database Exposed 440 Million Records"

 

Submitted by Anonymous on