Orvis exposed the passwords the business used to control everything from firewalls and routers to administrator accounts and database servers when it disclosed 100 corporate passwords on Pastebin.com.
Many of the credentials were already expired, according to Orvis, who claims that the exposure was an accident.
Since the file contains outdated credentials, many of the devices connected to it have been decommissioned, and the company has taken action to deal with the remaining ones.
For instance, Orvis' Pastebin files contained plaintext login credentials for practically every online service and security product the organisation has ever utilised.
TPRM report: https://scoringcyber.rankiteo.com/company/orvis
"id": "orv9830423",
"linkid": "orvis",
"type": "Data Leak",
"date": "11/2019",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Retail',
'name': 'Orvis',
'type': 'Company'}],
'attack_vector': 'Accidental Disclosure',
'data_breach': {'number_of_records_exposed': '100',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Passwords'},
'description': 'Orvis exposed the passwords the business used to control '
'everything from firewalls and routers to administrator '
'accounts and database servers when it disclosed 100 corporate '
'passwords on Pastebin.com.',
'impact': {'data_compromised': ['Passwords', 'Login credentials'],
'systems_affected': ['Firewalls',
'Routers',
'Administrator accounts',
'Database servers',
'Online services',
'Security products']},
'post_incident_analysis': {'corrective_actions': 'Decommissioned devices and '
'taken action to deal with '
'the remaining credentials',
'root_causes': 'Accidental Disclosure'},
'response': {'remediation_measures': 'Taken action to deal with the remaining '
'credentials'},
'title': 'Orvis Password Exposure',
'type': 'Data Exposure'}