CyberNews researchers found an exposed configuration file hosted on a Sky.com subdomain containing production data.
CyberNews researchers found an exposed configuration file hosted on a Sky.com subdomain, containing what appear to be production-level database access credentials, as well as addresses to development endpoints.
Sky, a subsidiary of Comcast, is Europe’s largest media company, boasting a 12% market share and a revenue of approximately £13.4 billion in 2020, as well as more than 31,000 employees and 24 million customers. UpLift Media, launched by Sky and Molson Coors in 2015, is an in-venue digital screen advertising network that operates digital screens in bars and other leisure venues across the UK.
Sky customers have been told to change their passwords immediately, raising fears that the company may have been hit by a data breach.
The company has sent out emails to customers across the UK urging them to reset their passwords as part of a "security measure".
The email contains a link for users to choose a new passwords as Sky has had to change their existing logins, raising fears that the company has suffered some kind of breach or attack.
Several Sky customers took to Twitter to ask Sky if the emails were genuine, or part of a phishing scam, with the firm's official Sky Help Team account replying that they were. ‘To help keep customer’s accounts safe we occasionally reset the password for Sky accounts. Customers can reset their password online at Sky.com,’ a Sky spokesperson said, adding that the company has not been breached. However the account also told some customers that the reset was linked to "part of the incident that happened last week", possibly referencing a recent attack. "We have been informed by the provider of Sky.com email that a number of email accounts have been accessed without permission," its official disclosure on the incident read, "as a precautionary measure these accounts have been locked."
We have seen more impact and what Sky.com have taken precautions to come across this Breach and one of the cybersecurity Experts teams have reported them and here is the link which the experts team clearly show's that how they found out the Data. https://securityaffairs.co/wordpress/123143/data-breach/sky-com-server-misconfiguration.html
No comments:
Post a Comment