Cloud hosting provider DigitalOcean has unveiled a data breach after a flaw disclosed customers’ billing information. To take control of the matter, the company sent out an email to the affected customers. The email informed about a “flaw” that enabled an unapproved user to access customers’ billing details between April 9th, 2021, and April 22nd, 2021.
“An unauthorized user gained access to some of your billing account details through a flaw that has been fixed. This exposure impacted a small percentage of our customers,” reads the email sent to consumers. The email further informs that the breached information comprises a customer’s billing name, billing address, payment card expiration, last four digits of credit card, and the payment card’s bank name.
Read more: Facebook under investigation in Europe over the massive leak of 533 million users’ data
Moreover, DigitalOcean declares that they have fixed the flaw and revealed the breach to data protection authorities. However, it is not clear which of the agencies were notified. Tyler Healy, VP Security at DigitalOcean, stated that this flaw disclosed only 1% of billing profiles. In addition to patching up the vulnerability, DigitalOcean has stated that the company has also added additional security controls to user accounts.
Read more: Personal data scraped from 500 million LinkedIn users found for sale online
Furthermore, the firm also guarantees to further expand its security measures to prevent such situations from occurring again in the future. Applicable privacy authorities have also been reported the data breach. Corporations with clients in Europe are subject to GDPR and can face penalties of up to 4% of their global annual revenue.
Last year, the cloud company raised $100 million in new debt, followed by another $50 million round, months after downsizing the company due to the firm’s financial health. In March, the organization went public, raising about $775 million in its primary public offering.
Source: TechCrunch
Image Source: WPEXPLORER