Data Breach revealed at Tech Data

TOPICS:Data breachFortune 500Norway TodayPersonal InformationSecurityTech DatavpnMentor
Employees of Tech Data. Photo: Tech Data / Facebook

Posted By: Pieter Wijnen 9. June 2019

Data Breach at Fortune 500 Company Tech Data

The research team at vpnMentor discovered a major data leak at the Tech Data Corporation (NASDAQ: TECD), a Fortune 500 company providing tech products, services, and solutions globally. Tech Data is represented in many countries, including Norway.


vpnMentor’s researchers, led by security researchers Noam Rotem and Ran Locar, identified the consequential data breach that exposes access to 264GB of Tech Data’s client servers, invoices, SAP integrations, plain-text passwords, and much more.

Tech Data recently announced their quarterly earnings reports, which exceeded expectations and reflected a year over year increase (source: Nasdaq). More than 1 in 4 Fortune 500 companies have been hacked in the last decade, so Tech Data is part of an elite, but a particularly vulnerable, club.

Timeline of Discovery and Reaction

Data Leak Discovered

 June 2, 2019

Reached Out to Tech Data

June 2, 2019

Attempted to Contact Tech Data Again

June 4, 2019

Tech Data Team Responded

June 4, 2019

 Data Leak Fixed

June 4, 2019

Editor’s Note: It’s worth noting that Tech Data’s team was very professional in handling news of the leak and asked the real questions to solve the problem.  We commend their expertise and dedication.

Information Included in the Data Leak

Tech Data – the 45-years-old veteran infrastructure solutions company working with vendors such as Apple, Cisco, Samsung, Symantec, et al – had a full database leak that seemed to affect much of the corporate and personal data of clients and employees.

We saw that there was a log management server (Graylog) that was leaking system-wide data. This contained email and personal user data, as well as reseller contact and invoice information, payment and credit card data, internal security logs, unencrypted logins and passwords, and more.

Tech Data Personal information

This was a serious leak as far as we could see, so much so that all of the credentials needed to log in to customer accounts were available.

Due to ethical reasons – and because of the size of the database –  we could not go through all of it and there may have been more sensitive information available to the public than what we have disclosed here.

Some of the available data included:

  • Private API keys
  • Bank information
  • Payment details
  • Usernames and unencrypted passwords
  • Full PII (personally identifying information) are visible, including:
    • Full names
    • Job titles
    • Email addresses
    • Postal addresses
    • Telephone numbers
    • Fax numbers

Also included was machine and process information of clients’ internal systems, in which errors were available and that could easily help less-friendly hackers find out more about the system and its mechanics.

The Danger of Exposing this Information

With a simple search of the exposed database, our researchers were able to find the payment information, PII, and full company and account details for end-users and managed service providers (MSPs) – including for a criminal defence attorney, a utility service provider, and more. There were enough details in this leak wherein a nefarious party could easily access users’ accounts – and possibly gain access to the associated permissions for said accounts.

Tech Data

As Tech Data is such a significant player in the industry, the exposed database left it vulnerable to competitors looking to gain an unfair advantage and for hackers to take control of the systems, exploiting it with ransomware and the like.

Tech Data Private key

One of the private API keys discovered from the database

How vpnMentor Found the Data Breach

vpnMentor’s research team is currently undertaking a huge web mapping project. Using port scanning to examine known IP blocks reveals gaps in web systems, which are then examined for vulnerabilities, including potential data exposure and breaches.

Tapping into years of experience and know-how, the research team examines the database to confirm its identity.

After identification, we reach out to the database’s owner to report the leak. Whenever possible, we also alert those directly affected. This is our version of putting good karma out on the web – to build a safer and more protected internet.

 

Donate in EUR Donate in NOK
Donate in GBP Donate in USD

 

Advice from the Experts

Could this data leak have been prevented? Absolutely! Companies can avoid such a situation by taking essential security measures immediately, including:

  1. First and foremost, secure your servers.
  2. Implement proper access rules.
  3. Never leave a system that doesn’t require authentication open to the internet.

For more in-depth information on how to protect your business, check out how to secure your website and online database from hackers.

Check Out More Data Leaks Discovered

vpnMentor is the world’s largest VPN review website. Our research lab is a pro bono service that strives to help the online community defend itself against cyber threats while educating organizations on protecting their users’ data.

Additional cybersecurity risks discovered by our team include explicit messages leaked by a dating app, which left vulnerable over 200,000 users – including government employees – to potential blackmail and extortion, as well as the exposure of detailed security logs from a prominent hotel management group.

Read also

Empowering Internet Safety Guide for Women


© vpnMentor / #Norway Today
RSS Feed

SHARE TWEET PIN SHARE

Related Articles