Security researcher discovered data management company Rubrik accidentally leaked massive customer database on unsecured server

February 11, 2019

  • Database Leak – Security researcher Oliver Hough found data management firm Rubrik left massive customer database exposed on unsecured server, where anyone can access it if they knew where to look without needing password
  • Customer Data – Database contained tens of gigabytes of customer data, including names, contact information, and case work for each corporate customer dating back to October 2018, plus e-mail records
  • Offline Server – Company pulled server offline when notified by TechCrunch
  • High Profile Customers – Include thousands of major clients, such as Scottish government, U.S. Department of Defense, CarePoint Health, Deloitte, Shell, Amalgamated Bank, U.K. National Health Service, Homeland Security, and other federal government departments
  • Human Error – Exposed server attributed to human error, citing default access setting was not changed in line with standard practice
  • Potential Fine – As customer database included European businesses, company could face penalties up to 4% of global annual revenue if found to be in violation of GDPR data protection rules

Image Source: Rubrik

Image Source: Rubrik

Accelerator: Cybersecurity
Sector: Information Technology
Organization: Rubrik Inc.

Original Publication Date: January 31, 2019

What are your thoughts?

AcceleratingBiz® is a trademark of MangoStrategy, LLC


   +1 617-588-3400
Become part of the community!

Receive the latest AcceleratingBiz updates and access member-only content

© 2013-2019 MangoStrategy, LLC   |   Read our Cookie Policy, Privacy Policy and Terms of Service