U.S. independent record label Empire Distribution, which has worked with Kendrick Lamar, Snoop Dogg, and 50 Cent, had its sensitive data exposed as a result of an environment file misconfiguration, Cybernews reports.Included in the leaked information were Empire's JSON Web Token secret, SES key and secret, and Mailgun API and domain, as well as several database and Memcached server credentials, according to Cybernews researchers.Attackers could leverage the database credentials to facilitate further access to sensitive information, including customer data, intellectual property, and financial details, while Memcached credentials could be used to enable lateral movement to other systems and other malicious activity. Other Empire systems could also be compromised using tokens generated by the JSON Web Token, while threat actors could have leveraged the Mailgun API and domain and SES credentials to facilitate phishing attacks enabling malware distribution.Empire has already been notified regarding the compromise but has yet to provide a response.
Cloud Security, Data Security, Privacy
Misconfiguration exposes Empire Distribution data
Credit: Adobe Stock Images
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds