cyber Breach

vpnMentor

May 11, 2023 1 min read
vpnMentor

The presence of an open database belonging to the South Korean industrial manufacturer was publicly disclosed by the cybersecurity company vpnMentor.

vpnMentor's web mapping project, which uses port scanning to detect online services lacking any kind of authentication or access restrictions in place, led to the discovery of the database.

The company was disclosing emails about its business operations, goods, and clients, as well as product quotes, travel information, and private chats, all of which could be valuable to rivals.

Along with emails, user IDs, full customer and employee names, and phone numbers have also been made public.

Source: https://www.zdnet.com/article/dklok-data-breach-leaked-global-enterprise-client-internal-emails/

TPRM report: https://scoringcyber.rankiteo.com/company/vpnmentor

"id": "vpn13411423",
"linkid": "vpnmentor",
"type": "Data Leak",
"date": "09/2019",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Manufacturing',
                        'location': 'South Korea',
                        'type': 'Industrial Manufacturer'}],
 'attack_vector': 'Open Database',
 'data_breach': {'personally_identifiable_information': ['Full Customer and '
                                                         'Employee Names',
                                                         'Phone Numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Emails',
                                              'User IDs',
                                              'Full Customer and Employee '
                                              'Names',
                                              'Phone Numbers',
                                              'Business Operations',
                                              'Goods',
                                              'Clients',
                                              'Product Quotes',
                                              'Travel Information',
                                              'Private Chats']},
 'description': 'An open database belonging to a South Korean industrial '
                'manufacturer was publicly disclosed by the cybersecurity '
                'company vpnMentor. The database contained sensitive '
                'information about business operations, goods, clients, '
                'product quotes, travel information, and private chats, along '
                'with emails, user IDs, full customer and employee names, and '
                'phone numbers.',
 'impact': {'data_compromised': ['Emails',
                                 'User IDs',
                                 'Full Customer and Employee Names',
                                 'Phone Numbers',
                                 'Business Operations',
                                 'Goods',
                                 'Clients',
                                 'Product Quotes',
                                 'Travel Information',
                                 'Private Chats']},
 'references': [{'source': 'vpnMentor'}],
 'title': 'South Korean Industrial Manufacturer Data Leak',
 'type': 'Data Leak',
 'vulnerability_exploited': 'Lack of Authentication or Access Restrictions'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.