SoftwareProjects reveals vast customer and affiliate information

January 18, 2024
1 min read

TLDR:

  • The affiliate sales platform SoftwareProjects experienced a data breach in which nearly 200GB of customer and affiliate data was exposed.
  • The exposed database contained personally identifiable information (PII) such as credit card images, identification documents, and other sensitive information.

A cybersecurity researcher discovered the breach and reported it to SoftwareProjects, who resolved the issue by moving all PII data away from public access. However, the database remained accessible for some time before being restricted. The breach exposed a range of files and documents, including internal documents, invoices, refund documents, and bank transfer records. The risks resulting from the breach include phishing, identity theft, and malware injection. It is unknown how long the data was exposed or if it was accessed by unauthorized individuals. The researcher advises affected individuals to monitor their accounts, apply for new bank cards, and consider identity theft protection services.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and