Hundreds of Thousands of Customer Files Exposed from Unsecured Cloud Storage
Researchers have discovered hundreds of thousands of customer files leaking from an unprotected Azure Blob Storage instance. The exposed data appears to mostly involve American customers from popular e-commerce platforms such as Etsy, Poshmark, and TikTok shops.
While online shopping is generally safe today, some risks persist in the digital realm. The Cybernews research team recently identified two unsecured Azure Blob Storage containers holding more than 1.6 million files. Both containers contained shipping email confirmations in HTML format. Although the majority of the exposed data concerns users based in the United States, some affected individuals also reside in Canada and Australia.
According to the researchers, the exposure of Etsy’s shipping email confirmation data is especially concerning due to Etsy’s role as a global marketplace supporting millions of small businesses. Most of the leaked shipping information originates from Etsy, but entries linked to TikTok shops, Poshmark, and Embroly were also found.
The majority of these files are email copies of shipping confirmations, which contain sensitive information including full names, home addresses, email addresses, and detailed shipping order information.
Risks Posed by the Etsy Shipping Email Leak
The leaked shipping data poses serious privacy and security risks. Skilled attackers could exploit this information to impersonate Etsy or associated shipping companies, launching highly convincing phishing campaigns. Because these phishing emails could include specific order details, they may appear legitimate to recipients, increasing the chances of successful exploitation.
Attackers may use the personal information to trick victims into revealing further sensitive or financial information. Fraudulent communications could urge recipients to confirm personal data, make payments, or click on malicious links, all while appearing trustworthy due to the inclusion of genuine order information.
Moreover, criminals equipped with email addresses and detailed shipping data could engage in social engineering attacks. They may manipulate victims into disclosing additional personal or financial information. The shipping confirmations could also be used as a vector for delivering malware. By crafting emails that reference particular products or recent purchases, cybercriminals may entice recipients to open infected attachments or click on harmful links, leading to malware infections.
Source of the Exposed Data
The researchers could not definitively identify the owner of the unsecured storage instance. However, analysis of processing records suggests that many affected orders were related to custom embroidery designs. Designer names and order details point to embroidery services based in Vietnam.
Evidence indicates that a single entity may have established multiple shops across various e-commerce platforms, with the largest number of impacted customers coming from Etsy. Nonetheless, the exposed instance did not provide enough information to precisely identify the party responsible for the misconfiguration.
Recommendations to Prevent Future Data Leaks
To address the issue and reduce the risk of similar incidents, researchers recommend implementing stronger security controls to prevent unauthorized access to sensitive data stored in cloud environments. Key measures include conducting retrospective reviews of access logs to detect any unauthorized activity and enabling server-side encryption to protect data at rest.
Using Azure Key Vault for secure encryption key management and enabling SSL/TLS protocols to ensure data security in transit are also important best practices. Regular security audits and reviews, along with staff training to increase awareness of data protection practices, can further strengthen overall security posture and help avoid future data exposures.
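The retrospective access-log review recommended above can be scripted. The following is an added example, not code from the researchers or the original article. It assumes classic Storage Analytics logging (log format version 1.0, semicolon-delimited) was enabled on the account and the log lines have been downloaded; the account name, containers, request IDs and log entries are constructed for illustration.

```python
import csv
from collections import defaultdict

# Zero-based field positions in a Storage Analytics version 1.0 log entry.
OPERATION, STATUS, AUTH_TYPE, OBJECT_KEY, REQUESTER_IP = 2, 3, 7, 12, 15

# Constructed sample entries, cut off after the requester IP field.
# IP addresses are taken from documentation ranges; nothing here is real data.
SAMPLE_LOG = [
    '1.0;2025-01-10T08:15:02.1000000Z;ListBlobs;AnonymousSuccess;200;20;19;anonymous;;examplestore;blob;"https://examplestore.blob.core.windows.net/orders?restype=container&comp=list";"/examplestore/orders";req-0001;0;203.0.113.7:50211',
    '1.0;2025-01-10T08:15:03.4000000Z;GetBlob;AnonymousSuccess;200;12;11;anonymous;;examplestore;blob;"https://examplestore.blob.core.windows.net/orders/a1.html";"/examplestore/orders/a1.html";req-0002;0;198.51.100.23:40022',
    '1.0;2025-01-10T09:00:00.0000000Z;GetBlob;SASSuccess;200;10;9;sas;;examplestore;blob;"https://examplestore.blob.core.windows.net/orders/a2.html";"/examplestore/orders/a2.html";req-0003;0;192.0.2.10:51000',
    '1.0;2025-01-10T09:05:00.0000000Z;PutBlob;Success;201;15;14;authenticated;examplestore;examplestore;blob;"https://examplestore.blob.core.windows.net/internal/b.html";"/examplestore/internal/b.html";req-0004;0;192.0.2.10:51001',
    'truncated or corrupt line',
]


def anonymous_reads(lines):
    """Summarise successful unauthenticated requests, grouped by container."""
    summary = defaultdict(lambda: {"requests": 0, "ips": set(), "operations": set()})
    for row in csv.reader(lines, delimiter=";", quotechar='"'):
        if len(row) <= REQUESTER_IP or row[0] != "1.0":
            continue  # skip malformed lines and other log versions
        if row[AUTH_TYPE].lower() != "anonymous" or row[STATUS] != "AnonymousSuccess":
            continue  # only requests that succeeded without any credential
        # The object key has the form /account/container/blob-path.
        parts = row[OBJECT_KEY].strip("/").split("/")
        container = parts[1] if len(parts) > 1 else "(account level)"
        entry = summary[container]
        entry["requests"] += 1
        entry["ips"].add(row[REQUESTER_IP].rsplit(":", 1)[0])  # drop source port
        entry["operations"].add(row[OPERATION])
    return dict(summary)


if __name__ == "__main__":
    for container, info in anonymous_reads(SAMPLE_LOG).items():
        print(container, info["requests"], sorted(info["ips"]), sorted(info["operations"]))
```

Any container that appears in the output served data to callers with no credential at all; anonymous ListBlobs entries mean the container contents could also be enumerated, not just fetched by known URL.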