MSI warranty claim database was publicly accessible via Google
Gamers Nexus uncovered a breach revealing 600,000+ MSI warranty claims on Google, including personal details. MSI's intranet portal was accessible, prompting concerns about fraud. MSI blocked access but hasn't issued a statement. This incident emphasizes the criticality of data security.
Read original article
The YouTube channel Gamers Nexus revealed that over 600,000 customer warranty claims for MSI products were publicly accessible via Google search, exposing sensitive information like names, addresses, and phone numbers. The breach, dating back to 2017, allowed access to MSI's intranet portal where users could view and even resubmit warranty requests. Gamers Nexus demonstrated the ease of access without hacking skills, raising concerns about potential fraudulent activities. Following the discovery, MSI blocked access to the web server. The exposed data, spanning seven years, poses risks of identity theft and phishing scams. Despite the severity of the breach, MSI has not made a public statement. This incident mirrors a similar lapse at Zotac, highlighting the importance of securing customer data to prevent misuse by cybercriminals. The implications of this data exposure underscore the need for companies to prioritize data security and privacy to protect their customers from potential harm.
Related
Microsoft blamed for million-plus patient record theft at US hospital giant
A former Nuance Communications employee stole personal data from over a million Geisinger patients, prompting an investigation and arrest. Microsoft is cooperating with authorities amid concerns over data security practices.
Ticketmaster has begun warning customers about data breach
Ticketmaster notifies customers of a data breach involving personal information theft. 1.3 terabytes of data were compromised and sold on the dark web. Snowflake denies involvement. Ticketmaster enhances security measures.
Microsoft Alerts More Customers to Email Theft in Expanding
Microsoft alerts more customers about email theft post-Midnight Blizzard hack by Russian government. Stolen emails accessed, shared with affected organizations for transparency. Ongoing attack used for planning further attacks. Assistance provided to mitigate risks.
Microsoft tells yet more customers their emails have been stolen
Microsoft notifies customers of email theft by Russian criminals, expanding breach scope. Compromised accounts' correspondents informed. US auto dealers face disruptions from cyber incident linked to CDK software. Rabbit R1 AI devices' security flaw disclosed. EU sanctions Russians for cyber attacks.
IdentifyMobile incident exposed 200M records from companies
A security incident at IdentifyMobile exposed 200 million SMS messages from 200+ companies due to an unsecured AWS S3 server. Sensitive data like 2FA codes and transaction numbers were compromised. Investigations are ongoing.
1 commentsRelated
Microsoft blamed for million-plus patient record theft at US hospital giant
A former Nuance Communications employee stole personal data from over a million Geisinger patients, prompting an investigation and arrest. Microsoft is cooperating with authorities amid concerns over data security practices.
Ticketmaster has begun warning customers about data breach
Ticketmaster notifies customers of a data breach involving personal information theft. 1.3 terabytes of data were compromised and sold on the dark web. Snowflake denies involvement. Ticketmaster enhances security measures.
Microsoft Alerts More Customers to Email Theft in Expanding
Microsoft alerts more customers about email theft post-Midnight Blizzard hack by Russian government. Stolen emails accessed, shared with affected organizations for transparency. Ongoing attack used for planning further attacks. Assistance provided to mitigate risks.
Microsoft tells yet more customers their emails have been stolen
Microsoft notifies customers of email theft by Russian criminals, expanding breach scope. Compromised accounts' correspondents informed. US auto dealers face disruptions from cyber incident linked to CDK software. Rabbit R1 AI devices' security flaw disclosed. EU sanctions Russians for cyber attacks.
IdentifyMobile incident exposed 200M records from companies
A security incident at IdentifyMobile exposed 200 million SMS messages from 200+ companies due to an unsecured AWS S3 server. Sensitive data like 2FA codes and transaction numbers were compromised. Investigations are ongoing.