The personal information of hundreds of thousands of CenturyLink customers, including names, addresses, email addresses, and phone numbers was exposed online.
A database of 2.8m records containing sensitive information regarding hundreds of thousands of CenturyLink’s customers was left open online for anyone with internet access to see.
They included multiple pieces of personal information including name, email address, phone number, and address, along with account-specific information.
The database comprised API logs with customer information and contained more than 2.8 million records in total.
CenturyLink said to the affected customers. "We will continue to work to protect customer information, takes the protection of our customers’ information seriously, and we will work to ensure that we earn our customers’ trust.
Source: https://www.comparitech.com/blog/information-security/centurylink-data-leak/
"id": "CEN32023423",
"linkid": "centurylink",
"type": "Data Leak",
"date": "10/2019",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"