Baar, Switzerland-based Veeam calls itself the “global leader in intelligent data management” and offers “Hyper-Available” data management solutions able to merge traditional data backup and recovery tools with modern cloud environments.
However, in what appears to be the absolute opposite of such claims, the company is reported to have left a server with 200GBs’ worth of data exposed online.
Looking for a reliable platform to store and share files privately? Subscribe to SkyFlok – secure cloud storage and private two-way sharing with your customers. SkyFlok is encrypted and designed to help you store files privately across the globe.
In case of an attack on your files, SkyFlok has a backup plan for you allowing you to recover in no time as we keep all previous versions of your files in the system.
A company which has built its reputation on global data management services appears to have left a treasure trove of data open to the prying eyes of the public.
Baar, Switzerland-based Veeam calls itself the “global leader in intelligent data management” and offers “Hyper-Available” data management solutions able to merge traditional data backup and recovery tools with modern cloud environments.
However, in what appears to be the absolute opposite of such claims, the company is reported to have left a server with 200GBs’ worth of data exposed online.
The unsecured Amazon server was indexed on August 31 and remained open until September 9.
According to Bob Diachenko, an investigation led by the security researcher together with TechCrunch uncovered approximately 445 million records.
The server was used to store data based on the Marketo marketing solution. The leaked records included email addresses, names, countries, and some attribute values such as IP addresses, referral details, as well as user agents.
Records were timestamped between 2013 and 2017 and it is believed the database was not related to Marketo infrastructure, but rather, Veeam’s architecture. It is possible some of the records may be duplicates.
The discovery was made possible through Shodan, a search engine which can be used to find Internet-connected devices and, in some cases, open systems.
The server was pulled offline after three hours after TechCrunch informed Veeam of the mismanagement.
“Even taking into account the non-sensitivity of data, the public availability of such large, structured and targeted dataset online could become a real treasure chest for spammers and phishers,” Diachenko said. “It is also a big luck that database was not hit by a new wave of ransomware attacks which have been specifically targeting MongoDBs.”
The security researcher is referring to a campaign called Mongo Lock which is currently targeting open and unprotected MongoDB servers. The threat actors behind the attack aim to hijack these servers, wipe all of the data held within, and then demand a ransom from victims in return for their content.
A Veeam company spokesperson told sister site CNET:
In August, Air Canada notified customers of a data breach which has potentially exposed passport information belonging to approximately 20,000 customers.
“Unusual login behavior” was detected between August 22 — 24 in systems related to the Air Canada mobile app, according to the carrier, and while the attack was swiftly shut down, it is possible that information including names, email addresses, passport numbers, birthdates, and nationalities, among other data sets, has been compromised,
Data management firm Veeam mismanages own data, leaks 445m records
