Decathlon Leaked Data Of Spanish Employees Exposing 123 Million Records

  •  
  •  
  •  
  • 2
  •  
  •  
  •  
    2
    Shares

The giant sports goods retailer Decathlon now makes it to the news due to a security flaw. Researchers found a database exposing over 123 million records that belonged to Decathlon Group. Specifically, the database leaked explicit data of Decathlon Spain employees including their personal details and proprietary information.

Decathlon Data Leaked

Reportedly, the researcher duo from vpnMentor, Ran Locar and Noam Rotem, has found another treasure trove of data exposed online. Elaborating on the details in a blog post, the researchers revealed that they found an unsecured database belonging to Decathlon Spain.

The exposed treasure trove leaked data of Decathlon Spain employees. As stated in their post:

It has everything that a malicious hacker would, in theory, need to use to take over accounts and gain access to private and even proprietary information.

In brief, the exposed data on an Elasticsearch server included over 123 million records. These records included employees’ personal details such as usernames, passwords, API logs, API usernames and unencrypted passwords, detailed PII data of the employees, employment contract details, and work email addresses. Moreover, it even included unencrypted customer login information and private IP address.

Such overt details, according to the researchers, could facilitate criminals in conducting phishing attacks, corporate espionage, identity theft as well as physical threats.

Database Now Offline

The researchers found the exposed database on February 12, 2020. After investigating for four days, they found that the database belonged to Decathlon Spain, and possibly, to Decathlon UK too.

They then notified the firm about the breach on February 16, 2020, who closed the database the very next day. It means, for now, the threat is over. The researchers advise users to contact Decathlon and enquire about the incident to assess their data security.

Let us know your thoughts in the comments.

The following two tabs change content below.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!