Over 120 million Decathlon accounts hacked

Sporting company Decathlon has suffered a massive data breach exposing records of over 123 million users and employees.

According to researchers at vpnMentor, more than 9GB of data was leaked from an unsecured ElasticSearch server.

The leaked information, which primarily pertains to the Spanish arm of the company, was found on February 12th, with Decathlon was informed on 16th February, with the company saying the server was fixed the next day itself. 

Decathlon hack

According to Decathlon, the majority of the data was related to its employees, with very few customers affected.

The leaked files contained information including employee user names, un-encrypted passwords, official email addresses, employee contract information, API logs and API credentials.

But also included personally identifiable information like social security numbers, nationalities, mobile phone numbers, full addresses and birth dates of the employees. 

Un-encrypted login credentials and private IP addresses belonging to Decathlon’s customers could also be found in the leaked database.

Experts believe the perpetrators may try to further steal data using the administrator credentials or send phishing emails to the customers. Attempts of identity theft and physical attacks cannot be ruled out as the leaked data had personally identifiable information.

“The leaked Decathlon Spain database contains a veritable treasure trove of employee data and more. It has everything that a malicious hacker would, in theory, need to use to take over accounts and gain access to private and even proprietary information,” said vpnMentor.

Via: ComputerWeekly

http://www.techradar.com/news/over-120-million-decathlon-user-accounts-hacked

Source: TechRadar - All the latest technology news

By: Jitendra Soni

Nextdoor adds Help Maps and Groups to connect neighbors during the coronavirus outbreak
Nextdoor adds Help Maps and Groups to connect neig ...
Founders who share insights can build industry trust at scale
Founders who share insights can build industry tru ...
How the surge in remote working is forcing the issue of location agnostic cybersecurity
How the surge in remote working is forcing the iss ...
Expanding its women’s health benefits offerings for employers, Maven raises $45 million
Expanding its womens health benefits offerings ...
How to watch Homeland: stream season 8 online from anywhere
How to watch Homeland: stream season 8 online from ...
Packers vs Vikings live stream: how to watch today's NFL football 2019 from anywhere
Packers vs Vikings live stream: how to watch today ...