Data From Fox News Leaked Via Unsecured Database

Fox News is making headlines for all the wrong reasons.

In a recent report from security researcher Jeremiah Fowler, details were revealed of an open and non-password protected database that contained nearly 13 million records belonging to FOX News. The data reportedly contained management data including employee personally identifiable information, internal FOX emails, usernames and more. In the data, there were several references to Comcast Technology Solutions. Comcast has confirmed that they did not manage this dataset and that it likely belonged to a customer that was using their services.

Kevin Novak, Managing Director, Breakwater Solutions:

“Over the course of the past couple of years, as companies have struggled to adapt to a new operating paradigm in the face of a global pandemic, there has been a mass migration of processes and information from captive, in-house data centers to public cloud centric service providers such as Google Cloud, Microsoft Azure, and Amazon Web Services.  The ease by which services can be deployed has created a false sense of security, and as many are learning, this is starting to materialize into a significant wave of improper data disclosures (breaches) and cybercrime compromises.”

“While in-house, captive data centers are certainly not immune to accidental misconfigurations (particularly as it pertains to things like leaving remote access portals accessible through the firewall), these environments have been around much longer, and the hardening of these environments tends to be slightly more well-understood.” 

“Whether hosting information in captive data centers or public-cloud ones, enterprises need to be mindful to enforce mature, tested security controls and governance protocols, lest they find themselves the subject of tomorrow’s big headline.”

Companies have to take care to make sure that their data always stays in their control. Otherwise bad things will happen. At the very least it’s bad press. At worst, it’s going to be a serious data breach with serious consequences. Neither of those is a good thing.

Leave a Reply

%d bloggers like this: