Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

BuyGoods.com Data Exposure

January 25, 2024
Reading Time: 2 mins read
in Incidents

Cybersecurity researcher Jeremiah Fowler discovered a severe data exposure resulting from a misconfigured cloud database associated with BuyGoods.com, a global ecommerce marketplace. The unprotected database, totaling 198.3 gigabytes, lacked security authentication, making it openly accessible to the public. It contained over 260,000 records, including affiliate payouts, refund transactions, invoices, and sensitive Personally Identifiable Information (PII) and Know Your Customer (KYC) data. The exposed information encompassed customers’ personal documents like selfies, identification cards, passports, and unredacted credit card details, potentially impacting users across 17 countries.

BuyGoods.com, based in Wilmington, Delaware, serves as a business management platform for product owners, marketers, and online shoppers, boasting a user base of 3 million consumers across 17 countries. Despite the swift acknowledgment by BuyGoods.com after Fowler’s responsible disclosure, stating the access issue had been resolved, the researcher found that the server remained exposed for some time, posing ongoing risks. Fowler promptly notified the company about the security concern, but the database continued to be accessible, raising concerns about the effectiveness of the resolution and the potential impact on global users.

The data leak revealed not only financial and transactional records but also highly sensitive personal documents, amplifying the severity of the privacy breach. Despite BuyGoods.com’s assurances, the extended exposure of the database underscores the challenges in promptly securing sensitive information and the potential risks faced by individuals worldwide due to the misconfiguration. The incident highlights the critical importance of securing cloud databases and ensuring robust measures to protect user data in the rapidly evolving landscape of online transactions and ecommerce platforms.

Reference:
  • Affiliate Sales Platform Data Breach Exposed Identification Documents, Credit Cards, and More
Tags: BuyGoods.comCyber Incidents 2024cyber-incidentCyberattacksData LeakE-commerceJanuary 2024Jeremiah FowlerMisconfigurationPersonally Identifiable InformationRetailer
ADVERTISEMENT

Related Posts

Hackers Leak 10K VirtualMacOSX Customer Data

Hackers Leak 10K VirtualMacOSX Customer Data

June 16, 2025
Hackers Leak 10K VirtualMacOSX Customer Data

Canada WestJet Airline Contains Cyberattack

June 16, 2025
Hackers Leak 10K VirtualMacOSX Customer Data

Washington Post Investigates Cyberattack on Emails

June 16, 2025
AI Spam Hijacks Official US Vaccine Site

Cyberattack On Brussels Parliament Continues

June 13, 2025
AI Spam Hijacks Official US Vaccine Site

Swedish Broadcaster SVT Hit By DDoS

June 13, 2025
Major Google Cloud Outage Disrupts Web

Major Google Cloud Outage Disrupts Web

June 13, 2025

Latest Alerts

PyPI Malware Steals AWS, CI/CD, macOS Data

IBM Backup Service Flaw Allows Elevated Access

Image Hiding in DNS TXT Records

Old Discord Links Now Lead To Malware

VexTrio TDS Uses Adtech To Spread Malware

Simple Typo Breaks AI Safety Via TokenBreak

Subscribe to our newsletter

    Latest Incidents

    Canada WestJet Airline Contains Cyberattack

    Hackers Leak 10K VirtualMacOSX Customer Data

    Washington Post Investigates Cyberattack on Emails

    Cyberattack On Brussels Parliament Continues

    Swedish Broadcaster SVT Hit By DDoS

    Major Google Cloud Outage Disrupts Web

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial