ENC Security

ENC Security, a Netherlands software company, had been leaking critical business data.

It had been leaking its configuration and certificate files for more than a year.

A misconfiguration by a third-party supplier caused the issue and fixed it immediately upon notification.

The data compromised included Simple Mail Transfer Protocol (SMTP) credentials for sales channels, the single payment platform’s Adyen keys, email marketing company’s Mailchimp API keys, licensing payment API keys, HMAC message authentication codes, and public and private keys stored in .pem format.

Source: https://securityaffairs.co/wordpress/139091/data-breach/enc-security-data-leak-sony-lexar.html

"id": "ENC222421222",
"linkid": "enc-security-llc",
"type": "Breach",
"date": "11/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"