FR Yves Rocher Sep 2019 Technical Error (Q14368)
From Open Risk Data
A data breach risk event
Language | Label | Description | Also known as |
---|---|---|---|
English |
FR Yves Rocher Sep 2019 Technical Error
|
A data breach risk event
|
Statements
0bc75e50-e0ad-11e9-8cfd-bf57b38104b7
September 2019
0 references
Security researchers with vpnMentor recently discovered that retail consultancy firm Aliznet was leaking the data of 2.5 million Canadian Yves Rocher customers via an unsecured Elasticsearch database. The exposed data includes names, phone numbers, email addresses, dates of birth and postcodes. In addition, the researchers found six million customer orders on the leaky server. The orders mentioned a unique customer ID that made it possible to link them to clients in the database. The server also exposed detailed information about the business operations of Yves Rocher that could be of significant value to the cosmetic giants competitors. (English)
1 reference