Data leak exposes luxury shoppers to phishing
Editorialist, a luxury shopping platform, has been inadvertently leaking users' data for months.
The company inadvertently exposed a cloud storage, specifically an Amazon S3 bucket, to the public. This led to the leakage of approximately 7,000 client invoices containing names, addresses, and descriptions of shopping items belonging to Editorialist.com clients, as reported by Cybernews.
Furthermore, the exposed dataset included 316 spreadsheets revealing user IDs, first and last names, card names and types, the last four digits of payment cards, card expiration dates, and cardholders' email addresses.
Cybernews researchers highlighted the potential risks, stating, "Shopping information and transaction data can significantly increase the risk of phishing attacks."
They advise potential victims to remain vigilant for targeted phishing emails from fraudsters posing as Editorialist or a related company. It is essential never to click on links or attachments in unsolicited emails.
Your email address will not be published. Required fields are marked