Exploit: Database leak.
B&Q: Home improvement retailer.
Risk to Small Business: 2.222 = Severe: Security researchers discovered that B&Q exposed the information of 70,000 people who were allegedly involved in criminal activity related to their stores. This can be classified as sensitive data under new GDPR requirements. However, what’s worse is that the company failed to report the incident or take the database offline after being notified.
Individual Risk: 2.714 = Moderate: Since the nature of the data includes criminal activity, along with associated names and vehicle details, this could be specifically damaging for those accused. If received in the wrong hands, it can be leveraged for data breaches, or even cause reputational harm to individuals.
Customers Impacted: 70,000.
How it Could Affect Your Customers’ Business: When a breach occurs, a company’s cybersecurity practices and incident response teams are examined under a microscope. In this case, not only did a third party discover the compromise, but the company did not act in time. As news headlines demonstrate, such a delay in action will be criticized online, causing overall brand erosion and eventually cascading to customer loyalty being negatively impacted.
ClearYolk to the Rescue: We proactively monitor if customer data is being leaked on the Dark Web, helping reduce the losses incurred from such a breach.
www.scmagazine.com/home/security-news/u-k-home-supply-giant-leaves-offender-database-open/
