Digital Ocean, an US based cloud infrastructure provider revealed about a data breach which led to the exposure of some of their account details.
The web hosting provider is currently in the process of notifying the affected some customers about the security lapse.
As per the notification mail sent by the company, the security leak occurred due to an internal Digital Ocean document which was left accessible online accidentally.
The document contained several types of user account details which includes personally identifiable information such as email addresses of the customers and their Digital Ocean usernames. Besides it also included account technical details such as the number of droplets (servers) owned by the customer, the user’s bandwidth usage, support or sales communications notes, and the amount of money the customer paid during the year 2018.
The company stated that the internal document was accessed more than 15 times while it was left exposed online. The file contained details for less than 1% of the company’s total user base.
However, they said that there wasn’t any unauthorized access to the impacted customers’ servers due to this incident.
The company assured that incident like this would not happen in future and that they are taking appropriate measures by training their employees on protecting customer data, establishing new procedures to notify them of potential exposures in a better manner, and making configuration changes to prevent future data exposure.