Security News > 2022 > March > Adafruit suffers GitHub data breach – don’t let this happen to you
Popular open-source computer hardware company Adafruit Industries accidentally exposed customer data.
The inadvertent disclosure involved an auditing data set used for employee training becoming public, on a GitHub repository associated with an inactive former employee's account who was learning data analysis.
From the report, it sounds as though the results of the forensic analysis were inconclusive - the company wasn't able to specify with certainty whether the data was accessed or not, but it did comment: "[W]e are unaware of any actual misuse of the information".
If phishing criminals do have access to actual names, addresses and order details from a company database breach, then their fraudulent emails can be made even more believable by including genuine historical data as believable but bogus "Proof" that their scam warnings are real.
Numerous tools exist both for redacting genuine data so that it reflects reality without revealing personal details, and for generating realistic but artificial data that is suitable for training.
Especially don't upload it to personal cloud accounts, such as GitHub storage - even if your motivations are honest and your intentions impeccable - where the company can't fulfil its own data protection obligations, and can't reliably revoke your access to it if you leave.
News URL
Related news
- Interbank confirms data breach following failed extortion, data leak (source)
- How to Effectively Manage a Data Breach (source)
- Amazon confirms employee data breach after vendor hack (source)
- HIBP notifies 57 million people of Hot Topic data breach (source)
- US space tech giant Maxar discloses employee data breach (source)
- Fintech giant Finastra investigates data breach after SFTP hack (source)
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Texas Tech University System data breach impacts 1.4 million patients (source)
- Ireland fines Meta $264 million over 2018 Facebook data breach (source)