Cyber Security

ERP Provider Exposes 769 Million Records, Including API Keys And Email Addresses

A massive data breach involving ClickBalance, one of Mexico’s largest Enterprise Resource Planning (ERP) technology providers, has been uncovered by cybersecurity researcher Jeremiah Fowler.

The breach exposed a staggering 769,333,246 records, totaling 395 GB of data, in a non-password-protected database.

The exposed database contained potentially sensitive information, including:

  • Access tokens and API keys
  • Secret keys
  • Bank account numbers
  • Tax identification numbers
  • 381,224 email addresses

ClickBalance offers cloud-based business services for automating administration, accounting, inventory, and payroll processes. The company’s ERP software is designed to centralize data and provide real-time information on various business operations.

Join our free webinar to learn about combating slow DDoS attacks, a major threat today.

Fowler discovered the unprotected database and promptly reported it to Website Planet. Within hours of being notified, ClickBalance restricted public access to the database.

However, it remains unclear how long the data was exposed or if any unauthorized parties accessed it.

The exposure of such sensitive data poses several significant risks:

  • Unauthorized Access: The leaked API keys and secret keys could potentially grant cybercriminals access to critical systems and sensitive data.
  • Phishing Attacks: With over 381,000 exposed email addresses, there is an increased risk of targeted phishing attacks. According to Deloitte, 91% of all cyberattacks begin with a phishing email.
  • Network Vulnerabilities: Exposed IP addresses could serve as a starting point for cybercriminals to identify and exploit network vulnerabilities.

Recommendations

In light of this breach, affected individuals and organizations should take the following precautions:

  • Change passwords to new, complex ones
  • Enable two-factor authentication (2FA) on accounts
  • Be cautious of unsolicited emails or suspicious information requests
  • Implement incident response protocols
  • Notify affected stakeholders, customers, and partners
  • Enhance data security measures
  • Conduct regular security audits

This incident highlights the significant data protection challenges faced by technology companies managing large amounts of sensitive information.

ERP, CRM, and CDM systems are particularly vulnerable due to the vast array of data they store for multiple customers.

As these systems continue to play a crucial role in modern business operations, providers must prioritize data security to maintain trust and protect their clients’ sensitive information.

While the full extent of the breach’s impact remains unknown, this incident underscores the need for constant vigilance and proactive security measures in an increasingly digital business landscape.

Protect Your Business Emails From Spoofing, Phishing & BEC with AI-Powered Security | Free Demo

Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

TikTok Stopped Working for US Users, Removed from Apple & Google stores

TikTok, the popular video-sharing app, has been banned in the United States and removed from…

6 hours ago

MITRE Launches D3FEND 1.0 to Standardize Cybersecurity Techniques for Countering Threats

MITRE has officially released D3FEND™ 1.0, a groundbreaking cybersecurity ontology designed to standardize the vocabulary…

1 day ago

PoC Exploit Released for Palo Alto Expedition Tool OS Command Injection Vulnerability

A recently disclosed vulnerability in Palo Alto Networks' Expedition tool has raised significant security concerns,…

1 day ago

FlowerStorm “Phishing-as-a-Service” Attacking Microsoft Users With Fake Login Pages

FlowerStorm is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms. Phishing…

1 day ago

Hackers Abusing Microsoft VSCode Remote Tunnels To Bypass Security Tools

VSCode Remote Tunnels, a legitimate feature of the popular development environment, are increasingly being used…

1 day ago

AWS Patches Multiple Vulnerabilities in Amazon WorkSpaces, Amazon AppStream 2.0, & Amazon DCV

Amazon Web Services (AWS) has recently addressed two critical security vulnerabilities affecting its popular cloud-based…

2 days ago