• Best Products
  • Entertainment
  • Guides
  • Software & Apps
No Result
View All Result
No Result
View All Result

Cosmetics company “Avon Products” has leaked 7GB of personal and technical information

person holding red lipstick

Photo by Juliana Malta on Unsplash

Avon Products Cosmetics is a well-known brand. However, Avon Cosmetics, like every other brand, has its fair share of controversy. Safety Detectives researchers identified an unprotected database last month. This database belonged to Avon, a well-known cosmetics company. Even the most basic security safeguards were missing from the server. As a result, the detectives had no trouble getting in. What the detectives discovered astounded them. We will provide you with all of the important details on the leak in this article. So keep an eye out! Global cosmetics giant Avon (Avon) recently leaked 19 million records, including personal information and technical logs, due to a cloud server configuration error.

SafetyDetectives researchers found that Avon’s Elasticsearch database on Azure servers was publicly exposed and not password protected or encrypted.

In a subsequent report, SafetyDetectives explained, “The vulnerability effectively means that anyone with the server’s IP address can access the company’s open database.”

London-based Avon, which has more than $5.5 billion in annual sales worldwide, had been exposed for nine days before the 7GB of data exposed was discovered by the security firm on June 12.

The exposed database contained personally identifiable information (PII) about customers and employees, including full names, phone numbers, birth dates, email and home addresses, and GPS coordinates. Also included were more than 40,000 security tokens, OAuth tokens, internal logs, account settings, and technical server information.

According to SafetyDetectives, while PII can be used for a wide variety of identity fraud and subsequent phishing scams, the exposed technical details also pose a risk to Avon itself.

“Given the type and volume of sensitive information provided, hackers would be able to assume full server control and execute severely damaging actions that could permanently damage the Avon brand, expose ransomware attacks and cripple the company’s payment infrastructure.”

Interestingly, a June 9 filing with the U.S. Securities and Exchange Commission shows Avon referring to “a cyber incident in its information technology environment that disrupted certain systems and partially impacted operations.”

In a second affidavit dated June 12, Avon stated that it was planning to reboot its systems.

SafetyDetectives revealed, “Avon is continuing its investigation to determine the extent of the incident, including the potentially compromised personal data.” “That said, it is not yet possible to anticipate that credit card details will be affected as its main e-commerce site does not store that information.”

The exposure of PII is a cause for concern because it allows cybercriminals to carry out a variety of scams, such as identity fraud and phishing operations. On the other hand, exposing technical data, particularly OAuth tokens, offers a significant danger to Avon, as a hacker may take complete control of the server, install malware, attack the company’s payment infrastructure, and do irreversible harm.

By using effective virtual machine backup solutions, businesses can ensure that their data is constantly protected from loss or harm. Data on the cloud can be accessed at any time and from any location with an internet connection, making it simple to quickly restore a backup in the case of a disaster. With cloud backup technologies, businesses can quickly create a virtual environment to meet regulatory requirements and backup hyper v vm. Customers may simply scale their needs and only pay for what they need because to the nature of cloud technology.

Previous Post

How to Backup an iPhone

Next Post

2 Best Audiobook Downloader Free for Audible & iTunes (2022)

Read Next

optus.com.au/activate

July 19, 2023

Optus, one of Australia's leading telecommunications companies, offers a seamless process to activate your new SIM card. Whether you've chosen...

Wie man Fitness in den Alltag integriert: Kleine Änderungen mit großer Wirkung

June 17, 2023

In einer Welt, in der ein hektischer Lebensstil oft die Oberhand gewinnt, ist es oft eine Herausforderung, Fitness in den...

What can Vn88 Rezence tell you about the interim manager of the Spurs, Stellini?

March 29, 2023

On Sunday night, Tottenham surprised W88 rezence by announcing that Antonio Conte's long departure from the north London club had...

image source: gtvstick

Kayosports.com.au/connect: How To Connect Kayo Sports On Your TV

March 2, 2023

Kayo sports brings you the best of sports entertainment with live streaming of your favorite sports and teams. With access...

Trending Now

Streaming TV, Movies, & More

peacocktv.com/tv/samsung

2 months ago
Mobile

optus.com.au/activate

2 months ago
Streaming TV, Movies, & More

peacocktv.com/tv/lg

3 months ago
Streaming TV, Movies, & More

Telemundo.Com/Link

3 months ago
Biz Willa

© 2021-2022 Biz Willa. All Rights Reserved

Navigate Site

  • About
  • Contact
  • Advertise
  • Privacy & Policy

Follow Us

No Result
View All Result
  • Best Products
    • Audio
    • Camera & Video
    • Car Audio & Accessories
    • Computer Accessories
    • Computers & Laptops
    • Game Consoles
    • Gifts
    • Networking
    • Phones
  • Computers
  • Gaming
  • Internet & Security
  • Smart Home
  • Social Media

© 2021-2022 Biz Willa. All Rights Reserved