DigitalOcean, a cloud hosting provider, has revealed a data breach that occurred as a result of a loophole that exposed customers’ billing details.
Between April 9th and April 22nd, 2021, a “flaw” allowed an unauthorized user to access customers’ billing information, according to an email sent out by DigitalOcean to impacted customers.
“An unauthorized user gained access to some of your billing account details through a flaw that has been fixed. This exposure impacted a small percentage of our customers”, reads the email sent to customers.
The bug has now been patched, according to the hosting company, and the exposure has only affected a small number of their customers.
A customer’s billing name, billing address, payment card expiration, last four digits of credit card, and payment card bank name are among the data exposed.
The breach was reported to data protection authorities by DigitalOcean.
Just 1% of billing profiles were revealed. Tyler Healy, VP Security at DigitalOcean told TechCrunch.
You might also like: BigBasket Data Breach: 20 million users’ personal information leaked
Last year, DigitalOcean experienced a data breach when they made a document containing information about customers’ accounts publicly accessible.