Connect with us

Latest News

Millions of Shoppers’ Data Exposed Ahead of Black Friday

Latest News News

Leeds United and Wales Great Terry Yorath Dies Aged 75 After Short Illness

Latest News

‘Fear in the Streets’ as Venezuelans Weigh Hope and Uncertainty After Maduro’s Seizure

Latest News News

Israel’s foreign minister makes historic visit to Somaliland

Latest News News

More ice and snow warnings issued after weather forces closure of over 1,000 UK schools

Latest News News

Swiss bar in deadly blaze missed five years of safety checks

Latest News News

Starmer Signals Openness to Deeper EU Alignment While Holding Firm on Brexit Red Lines

Latest News

Saving South Africa’s Threatened Albatross From Lethal Fishing Lines

Latest News Sports

Stokes Backs McCullum as England Look Beyond Ashes Defeat

Latest News

One Dead and Dozens Hurt as Powerful Earthquake Jolts Mexico City and Acapulco

Latest News

Millions of Shoppers’ Data Exposed Ahead of Black Friday

Published

4 weeks ago

on

Massive Data Leak Discovered
Millions of online shoppers are at risk following the discovery of a major data leak on VTEX, a global e-commerce platform. On February 28th, 2025, Cybernews researchers uncovered that the personal information of over six million customers had been accidentally uploaded to the open internet. Despite repeated attempts to contact the company, the exposed database remains unsecured.

How the Leak Happened
The breach originated from an unauthenticated cloud container, a common misconfiguration that occurs when storage environments are left without a password. This error made sensitive data visible to search engines and accessible to anyone online. The leaked files were stored in Parquet format, which is commonly used for organizing large datasets in analytics or customer data pipelines.

What Information Was Exposed
The exposed dataset contained detailed private records, including individual purchase histories, delivery addresses, and contact details. Given VTEX’s role as a provider for thousands of online stores and major global brands such as Samsung, Nestle, Mazda, Coca-Cola, Walmart, and Sony, the potential impact of the leak is significant and far-reaching.

Potential Risks for Shoppers
Cybernews warns that threat actors could exploit the leaked information to carry out phishing attacks. Scammers might send fake SMS messages or emails posing as order confirmations or delivery issues, increasing the likelihood that victims hand over sensitive payment or login details. This risk is particularly high as the holiday shopping season, including Black Friday, approaches, when online purchasing activity surges.

Global Implications
VTEX operates across 38 countries, powering over 3,500 online stores. The sheer scale of the platform means that data leaks could have international repercussions, affecting customers far beyond the company’s home base in Brazil. Cybersecurity experts emphasize that even small misconfigurations in cloud storage can lead to large-scale exposure, highlighting the need for robust security practices among e-commerce providers.

What Shoppers Can Do
Consumers who have shopped on VTEX-powered sites should remain vigilant. Experts recommend monitoring bank statements closely, avoiding clicking on suspicious links, and being cautious of unexpected communications claiming to be from retailers. Using strong, unique passwords and enabling two-factor authentication where possible can help reduce vulnerability to potential scams.

Related Topics:
Continue Reading