• Best Products
  • Entertainment
  • Guides
  • Software & Apps
No Result
View All Result
No Result
View All Result

Cosmetics company “Avon Products” has leaked 7GB of personal and technical information

person holding red lipstick

Photo by Juliana Malta on Unsplash

Avon Products Cosmetics is a well-known brand. However, Avon Cosmetics, like every other brand, has its fair share of controversy. Safety Detectives researchers identified an unprotected database last month. This database belonged to Avon, a well-known cosmetics company. Even the most basic security safeguards were missing from the server. As a result, the detectives had no trouble getting in. What the detectives discovered astounded them. We will provide you with all of the important details on the leak in this article. So keep an eye out! Global cosmetics giant Avon (Avon) recently leaked 19 million records, including personal information and technical logs, due to a cloud server configuration error.

SafetyDetectives researchers found that Avon’s Elasticsearch database on Azure servers was publicly exposed and not password protected or encrypted.

In a subsequent report, SafetyDetectives explained, “The vulnerability effectively means that anyone with the server’s IP address can access the company’s open database.”

London-based Avon, which has more than $5.5 billion in annual sales worldwide, had been exposed for nine days before the 7GB of data exposed was discovered by the security firm on June 12.

The exposed database contained personally identifiable information (PII) about customers and employees, including full names, phone numbers, birth dates, email and home addresses, and GPS coordinates. Also included were more than 40,000 security tokens, OAuth tokens, internal logs, account settings, and technical server information.

According to SafetyDetectives, while PII can be used for a wide variety of identity fraud and subsequent phishing scams, the exposed technical details also pose a risk to Avon itself.

“Given the type and volume of sensitive information provided, hackers would be able to assume full server control and execute severely damaging actions that could permanently damage the Avon brand, expose ransomware attacks and cripple the company’s payment infrastructure.”

Interestingly, a June 9 filing with the U.S. Securities and Exchange Commission shows Avon referring to “a cyber incident in its information technology environment that disrupted certain systems and partially impacted operations.”

In a second affidavit dated June 12, Avon stated that it was planning to reboot its systems.

SafetyDetectives revealed, “Avon is continuing its investigation to determine the extent of the incident, including the potentially compromised personal data.” “That said, it is not yet possible to anticipate that credit card details will be affected as its main e-commerce site does not store that information.”

The exposure of PII is a cause for concern because it allows cybercriminals to carry out a variety of scams, such as identity fraud and phishing operations. On the other hand, exposing technical data, particularly OAuth tokens, offers a significant danger to Avon, as a hacker may take complete control of the server, install malware, attack the company’s payment infrastructure, and do irreversible harm.

By using effective virtual machine backup solutions, businesses can ensure that their data is constantly protected from loss or harm. Data on the cloud can be accessed at any time and from any location with an internet connection, making it simple to quickly restore a backup in the case of a disaster. With cloud backup technologies, businesses can quickly create a virtual environment to meet regulatory requirements and backup hyper v vm. Customers may simply scale their needs and only pay for what they need because to the nature of cloud technology.

Previous Post

How to Backup an iPhone

Next Post

2 Best Audiobook Downloader Free for Audible & iTunes (2022)

Read Next

image source: gtvstick

Kayosports.com.au/connect: How To Connect Kayo Sports On Your TV

March 2, 2023

Kayo sports brings you the best of sports entertainment with live streaming of your favorite sports and teams. With access...

The Link Between DNA and Information Technology

January 20, 2023

The intersection between DNA and information technology is one that has been growing in importance as the two disciplines become...

How Gojek Like App Helps Your Business Grow In The Market

January 4, 2023

There are many enterprises running online and have secured a reputed position in the market. It's due to the users...

What’s better? Autoflower or feminized?

December 8, 2022

What are the differences between Autoflower and Feminized? As you think of where to buy marijuana seeds online, you need...

Trending Now

woman holding sword statue during daytime
Lawyer

How to Prepare for a Personal Injury Lawsuit in 5 Steps

1 week ago
Gaming

How to Link Your Microsoft Account to Xbox

1 week ago
image source: gtvstick
Live Streaming

Kayosports.com.au/connect: How To Connect Kayo Sports On Your TV

2 weeks ago
Streaming TV, Movies, & More

The Wonders of Spotify Web Player

1 month ago
Biz Willa

© 2021-2022 Biz Willa. All Rights Reserved

Navigate Site

  • About
  • Contact
  • Advertise

Follow Us

No Result
View All Result
  • Best Products
    • Audio
    • Camera & Video
    • Car Audio & Accessories
    • Computer Accessories
    • Computers & Laptops
    • Game Consoles
    • Gifts
    • Networking
    • Phones
  • Computers
  • Gaming
  • Internet & Security
  • Smart Home
  • Social Media

© 2021-2022 Biz Willa. All Rights Reserved