Data-management firm reportedly mismanages data, exposes customer info – CNET

Apple one percent up, Irish to set tax deal
Getty Images

A Swiss data management company may’ve dropped the ball when it came to managing its own data.

Switzerland-based Veeam, which specializes in data recovery, backup and management, reportedly left exposed a database containing more than 200 gigabytes of customer information.

The more than 440 million records mostly consisted of names, email addresses and IP addresses, according to a report by TechCrunch and a blog post by security researcher Bob Diachenko. Veeam didn’t immediately respond to a request for comment.

Veeam used the data to send automated marketing communications to its customers.

The database consisted of two collections of records gathered between 2013 and 2017, according to TechCrunch, which said some records may be duplicates. After TechCrunch alerted Veeam about the exposure, the database was pulled offline within three hours, the news outlet said.

The database wasn’t secured with a password, so it was accessible to anyone who was aware of it, Diachenko said.

Exposed-data incidents have hit Comcast, the University of Cambridge and Exactis in recent months.