BOOK THIS SPACE FOR AD
ARTICLE ADClickBalance ERP provider’s cloud database exposed 769 million records, including API keys and email addresses. Learn how this cloud security incident can impact businesses and consumers, and what steps to take to protect yourself.
Cybersecurity researcher Jeremiah Fowler discovered a cloud database containing 769 million records belonging to ClickBalance, a software provider offering cloud-based business services. The database was left exposed without any password or security authentication, making accessing data to malicious threat actors a piece of cake.
ClickBalance is one of Mexico’s largest Enterprise Resource Planning (ERP) technology providers, offering ERP tools accessible from any device. ERP tools manage and automate business processes across various departments like finance, human resources, supply chain, manufacturing, and sales.
According to Fowler’s report for Websiteplatnet shared with Hackread.com ahead of publishing on Monday, The database contained potentially sensitive information such as access tokens, API keys, secret keys, bank account numbers, tax identification numbers, and 381,224 email addresses.
For your information, exposing API and secret keys is highly concerning as cybercriminals could exploit the data to gain unauthorized access to critical systems and sensitive data, leading to data theft, account takeovers, unauthorized transactions, and service disruptions.
The exposure of email addresses also poses potential risks beyond spam, as 91% of cyberattacks begin with phishing emails. Criminals can create deceptive emails to steal personal information, financial data, and login credentials. Cybercriminals are already aware of business-related email addresses and could launch targeted phishing attacks.
It is unknown how long the database was exposed or if anyone else gained access. Fowler, however, notes that technology companies managing vast amounts of data, including customers, employees, and end users, face significant data protection challenges. ERP, CRM, and CDM systems are designed to track and manage this data, but a data breach can expose sensitive information, posing long-term operational and strategic risks.
The good news is that Fowler sent a responsible disclosure notice and public access was restricted within hours. Nevertheless, to protect against these risks, organizations should change their passwords and enable two-factor authentication (2FA).
It’s also important to be cautious of unsolicited emails and suspicious information requests. Protecting keys, tokens, and other administrative credentials with access controls and secure storage practices is also crucial.