Thomson Reuters exposed TBs of sensitive data over internet
Thomas Reuters, a Canada based multimedia company was surrounded in controversy as its database was exposed online. The database had information pertaining to customers and corporate confidential data. The size of the exposed data is suspected to be more than 3 terabytes.
Thomas Reuters specializes in research materials, editorial insight, productivity tools, online learning, news updates, and marketing resources. Thomson Reuters Corp’s turnover for the last year is estimated to be around $6.524B. The news of the exposed data on the web comes as a major blow to the company.
The exposed database stored documents and information relating to business specifics. Security researchers have claimed that the data is worth millions of dollars. As the data was exposed online for many days, the threat actors had plenty of time to steal the vast data. They could use the sensitive data for social engineering activities and ransomware attacks. Threat actors can also make it available on other forums like the Dark Web where hackers sell personal and sensitive information of users and companies.
See more: Sensitive UAN data exposed online claimed Security researcher
Thomas Reuters has tried to cover up the incident and stated that out of the three exposed databases, two of them were meant to be open to the public while the third server was a non-production server for the pre-production environment. However, as per the sources, Reuter’s internal networking components have been leaked allowing the opportunity for the potential threat actors to laterally move into their internal systems. Moreover, the researchers were also able to find login and password logs. These logs the details of the user’s email address and the time their password was changed.
See more: BlackCat Ransomware gang targets the European gas pipelines
Such incidents put the company and its partners at risk as the threat actors consider these gaps as an opportunity to exploit and get a foothold in its internal system. Multinational companies should be more cautious towards data security as threat actors are constantly on the lookout to bombard big organizations.
Follow on Facebook: Latest Hacking Updates