Threat Watch

Maropost Database Exposes 95 Million Records

The customer engagement platform Maropost recently leaked 95 million records by way of an unsecured Google cloud server. The issue was found in early February and the server was secured on April 1st. Maropost CEO Ross Andrew Paquette claimed that the emails found were randomized test emails; this, however, was not the case. Although no PII was included on the server, email addresses and metadata (the exact date and time the emails were sent, who sent them, and to whom) were included and could be used to carry out phishing campaigns and BEC scams. The CEO of RiskRecon, Kelly White, said, “It is also rooted in the failure of Maropost’s customers to hold them accountable to operating a strong security risk management program. Companies must operate robust third-party security risk management programs that hold their vendors accountable to implementing good security practices.”

ANALYST NOTES

Cloud servers can be risky if they are not configured correctly, but regularly auditing them to make sure the proper security settings are in place will help keep them safe. If the exposed data was accessed by threat actors, there is a high likelihood that targeted phishing campaigns related to this leak will take place. Since the records contained in Maropost’s marketing database include employees at many companies that were not Maropost’s clients, it is important for every company to provide regular education to employees about how to spot phishing messages.

Sources:

https://www.scmagazine.com/home/security-news/data-breach/maropost-database-with-95-million-left-open-and-unsecure/

https://cybernews.com/security/marketing-giant-maropost-exposes-95-million-emails-and-doesnt-seem-to-care-about-it/