Hackread reports that major Mexican enterprise resource planning technology provider ClickBalance had 769 million records leaked as a result of an unprotected cloud database.
Information exposed by the misconfigured ClickBalance database included API keys, access tokens, secret keys, tax identification numbers, and bank account numbers, as well as more than 381,000 email addresses, a report by cybersecurity researcher Jeremy Fowler published on WebsitePlanet showed. No additional information regarding potential unauthorized access to the database, which was secured by ClickBalance within hours of Fowler's disclosure, was provided but the exposed data was noted by Fowler to possibly result in long-term security risks to impacted organizations and individuals. Organizations have been urged to not only replace their credentials and activate two-factor authentication but also strengthen access controls for admin credentials, keys, and tokens, as well as bolster storage security and vigilance of unwanted information requests and emails.