Back-up vendor Acronis has admitted some of its customers’ data leaked onto the Web, as it opens an investigation into what went wrong.
Acronis said certain information from its knowledge base was opened up to everyone after the access control settings were reset to default. The back-up supplier said most of the content in the database was not “sensitive or confidential”.
“However, it did contain an older spreadsheet listing just the email addresses of customers who had been entitled to a free product upgrade and their upgrade license key. In compliance with our customer information security policies, no other identifying information was contained in this spreadsheet,” explained Ed Benack, chief customer officer at Acronis, in an email sent to TechWeekEurope.
“The rights issues were addressed immediately, and we are still investigating why this occurred in the first place. In addition, we have updated our policy and moved all internal files to a completely separate database to further protect customer information, should another unexpected software glitch occur. This glitch did not occur in an Acronis product.”
Acronis makes amends
The company has now offered affected customers another free product upgrade on top of the one they were already due.
In an email to customers, spotted by DaniWeb, Acronis blamed the data breach on a “technical issue” with one of its servers. The vendor warned customers that their email addresses “could have been looked up on the Internet by directly searching for it”.
If you think you know everything about security, try our quiz!
Article source: http://www.techweekeurope.co.uk/news/acronis-data-breach-85451