Security News > 2021 > July > Misconfigured Azure Blob at Raven Hengelsport exposed records of 246,000 anglers – and took months to tackle, claim infosec researchers
Dutch fishing supply specialist Raven Hengelsport left details of around 246,000 customers visible to anyone on a misconfigured Microsoft Azure cloud server for months.
"Sadly, actually getting Raven, also known as Raven Fishing, to do anything about the issue proved challenging."We immediately tried to get in touch with Raven once we discovered the open database, but did not receive a response from Raven regarding the breach," SafetyDetectives' researchers noted.
"We later attempted to contact Raven through the live chat feature on their website.
On the first attempt at reaching Raven here, Raven's customer support agent ended the live chat without responding to our message.
"On the second attempt, we were connected with the same member of staff who told us that they couldn't give us further contact details. We were informed that our request would be passed onto the relevant parties and we should be contacted if Raven saw fit. A few months later, after several additional attempts, a representative from Raven finally got back to us and the data was secured."
Microsoft's general customer support was also described as "Not helpful," failing to provide the security researchers with any assistance in raising someone technical at Raven to see the data secured.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/07/27/azure_blob_raven_hengelsport/