Detailed and potentially sensitive information uploaded by firm Clifford Chance was left exposed on an open database platform.
The cache of data, which included Companies House forms, partial security authentication details, business email addresses, and encrypted passwords, were accessible on a historic database owned and operated by British tech giant Advanced Computer Software.
TPRM report: https://scoringcyber.rankiteo.com/company/clifford-chance-llp
"id": "cli028301222",
"linkid": "clifford-chance-llp",
"type": "Data Leak",
"date": "05/2020",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Legal',
'name': 'Clifford Chance',
'type': 'Firm'}],
'attack_vector': 'Unsecured Database',
'data_breach': {'data_encryption': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Companies House forms',
'Partial security authentication '
'details',
'Business email addresses',
'Encrypted passwords']},
'description': 'Detailed and potentially sensitive information uploaded by '
'firm Clifford Chance was left exposed on an open database '
'platform. The cache of data, which included Companies House '
'forms, partial security authentication details, business '
'email addresses, and encrypted passwords, were accessible on '
'a historic database owned and operated by British tech giant '
'Advanced Computer Software.',
'impact': {'data_compromised': ['Companies House forms',
'Partial security authentication details',
'Business email addresses',
'Encrypted passwords']},
'title': 'Data Exposure Incident at Clifford Chance',
'type': 'Data Exposure',
'vulnerability_exploited': 'Open Database Platform'}