TechCrunch reports that leading trust management platform Vanta had private information from less than 4% of its over 10,000 clients inadvertently exposed to other customers due to a product code change issue, which will be completely remediated by Wednesday.
Such a vulnerability, which was initially discovered on May 26, led to "a subset of data from fewer than 20% of our third-party integrations being exposed to other Vanta customers," according to Vanta Chief Product Officer Jeremy Epling, who noted that notifications have already been sent to all customers impacted by the data leak. Additional details regarding the types of exposed customer data or the potential compromise of Vanta employee information were not provided. However, a Vanta customer speaking to TechCrunch noted the firm's notice to indicate the leakage of employee account data, which included employees' names and roles, as well as configuration details on multi-factor authentication and other tools.
Such a vulnerability, which was initially discovered on May 26, led to "a subset of data from fewer than 20% of our third-party integrations being exposed to other Vanta customers," according to Vanta Chief Product Officer Jeremy Epling, who noted that notifications have already been sent to all customers impacted by the data leak. Additional details regarding the types of exposed customer data or the potential compromise of Vanta employee information were not provided. However, a Vanta customer speaking to TechCrunch noted the firm's notice to indicate the leakage of employee account data, which included employees' names and roles, as well as configuration details on multi-factor authentication and other tools.
