DigitalOcean, the popular cloud-hosting provider, has told some of its customers that their billing details were exposed due to what it described as a “flaw.”
In an email sent out to affected users, DigitalOcean explained that an unauthorised party had managed to exploit the flaw to gain access to billing information between April 9 and April 22, 2021.
The following information from profiles was accessed:
The company was at pains to underline that it does not store users’ fill payment card numbers and so they were not exposed. In addition, DigitalOcean says that it has fixed the flaw that the hacker exploited, and informed data protection authorities about the breach.
As reported by TechCrunch, a statement released by DigitalOcean claimed that only 1% of billing profiles had been impacted by the breach. (A few years ago, the company was claiming to have one million users – which would put the number of exposed accounts at north of 10,000.)
It’s not the first time that DigitalOcean has suffered a data breach that exposed customer information.
In May 2020, for instance, the company advised that a DigitalOcean-owned document from 2018 containing customer details was “unintentionally made available via a public link.”
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsDecember 24, 2024
December 19, 2024
November 14, 2024