2 min read

DigitalOcean Accidentally Leaks Customer Data

Alina BÎZGĂ

May 11, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
DigitalOcean Accidentally Leaks Customer Data

DigitalOcean, a popular web-hosting platform, has started informing customers about a data leak that “unintentionally” exposed personally identifiable information online.

According to a notification sent to DigitalOcean users, the incident is linked to a 2018 company-owned document that was publicly available for viewing without requiring any authentication.

“This document contained your email address and/or account name (the name you gave your account at sign-up) as well as some data about your account that may have included Droplet count, bandwidth usage, some support or sales communications notes, and the amount you paid during 2018,” the letter reads. An investigation by the provider”s security team found the internal document was “accessed at least 15 times” before it was taken down.

You can also check if your private data has been exposed online! Use Bitdefender”s Digital Identity Protection tool to see where you stand at the moment and what the internet knows about you.

No official statement was released, but company officials have commented on the incident, saying that “there was no malicious access to that document” and “less than 1% of our customer base was impacted.”
“The only PII included in the file was account name and email address,” the company added. “This was not related to a malicious act to access our systems.”

DigitalOcean takes full responsibility for the data leak, and promises to undergo extensive employee training for assuring customer data protection and preventing future incidents.

The notification letter also reassures users that “your Droplets and other systems you run on our platform have not been impacted by this mistake, we are committed to being transparent anytime we feel your data has been used in a way that does not align with our values.”

While there is no indication of foul play or a targeted attack, changing your account password and enabling two-factor authentication is never a bad idea. Companies should start focusing on protecting customer data, regardless of the type of information they handle. Even with limited information, bad actors can still formulate phishing campaigns to steal additional information or financial details.

tags


Author



Right now

Top posts

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read
Why and how to hide your IP address while traveling

Why and how to hide your IP address while traveling

April 13, 2022

2 min read
How Bitdefender Can Help Restore Your Privacy in the Digital Age

How Bitdefender Can Help Restore Your Privacy in the Digital Age

April 04, 2022

3 min read
How Strong is VPN Encryption?

How Strong is VPN Encryption?

February 28, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Exposed Server at Malaysian POS Software Provider Leaks Data of 1 Million Customers Exposed Server at Malaysian POS Software Provider Leaks Data of 1 Million Customers
Alina BÎZGĂ

June 22, 2022

2 min read
Is someone abusing your credit card? Here’s what you can do to prevent credit card fraud Is someone abusing your credit card? Here’s what you can do to prevent credit card fraud
Alina BÎZGĂ

June 14, 2022

2 min read
E-skimming attack at US gun shops impact over 90,000 customers E-skimming attack at US gun shops impact over 90,000 customers
Alina BÎZGĂ

June 08, 2022

2 min read