A database belonging to Veeam, a data management company, has been leaked online containing sensitive customer records. A deeper look into its contents reveals that many of its customers are Fortune 500 companies which signals a very serious security risk.
Veeam Customer Data Leaked: More Information About The Incident
Veeam is a prominent data management company which is well-known for serving enterprise customers and big business clients. They offer a multitude of products and services trusted by customers around the world however a serious incident connected to them has been reported by the security community. News broke about an exposed Veeam database that can be accessed publicly. The reports showcase that it contains more than 200 GB of customer date, mostly containing names, email addresses and partial information about IP address logs. The database itself is made up of two collections — the first ones contains 199.1 million addresses, while the second one 244.4 million. This totals 443.5 million records available for malicious abuse. As access to the database is not available right now we cannot check for duplicate copies of the strings.
Despite the fact that the leaked information does not contain any passwords or account credentials the bulk of the data can be used for crimes such as identity theft and blackmail. The full list of available value types is the following:
- Customer First and Last Name
- Email Recipient Type
- IP address
- Customer Organization Size
- Referrer URL Address
It appears that the reasons for the leak is a misconfiguration of the database. Following this the instance was indexed by Shodan which is a tool used by malicious users to scan for services that can be abused. The records themselves have been created from 2013 to 2017.
Following the public exposure of the databases the issue was reported to the company. Three hours later the site was unavailable for visitors. However we do not know for how long malicious users have known before the security experts discovered the instance. It is likely that blackmail and social engineering attacks are already being planned or carried out. Veeam is trusted by many Fortune 500 companies which makes the risks even more critical.
Following the incident report Veeam stated that they have started an in-depth investigation.