Friday, April 28, 2023

Sensitive data is being leaked from servers running Salesforce software


Stylized image of rows of padlocks.

Enlarge (credit: Getty Images)

Servers running software sold by Salesforce are leaking sensitive data managed by government agencies, banks, and other organizations, according to a post published Friday by KrebsOnSecurity.

At least five separate sites run by the state of Vermont permitted access to sensitive data to anyone, Brian Krebs reported. The state’s Pandemic Unemployment Assistance program was among those affected. It exposed applicants’ full names, Social Security numbers, addresses, phone numbers, email addresses, and bank account numbers. Like the other organizations providing public access to private data, Vermont used Salesforce Community, a cloud-based software product designed to make it easy for organizations to quickly create websites.

Another affected Salesforce customer was Columbus, Ohio-based Huntington Bank. It recently acquired TCF Bank, which used Salesforce Community to process commercial loans. Data fields exposed included names, addresses, Social Security numbers, titles, federal IDs, IP addresses, average monthly payrolls, and loan amounts.

Read 9 remaining paragraphs | Comments

Reference : https://ift.tt/4LfKxpQ

No comments:

Post a Comment

NATO’s Emergency Plan for an Orbital Backup Internet

On 18 February 2024, a missile attack from the Houthi militants in Yemen hit the cargo ship Rubymar in the Red Sea. With the crew evacu...