DigitalOcean discloses breach: document with customer data made public

The document that belongs to DigitalOcean was made public – customer emails and account details exposed

Leaving internal document online lead to exposed customer data. According to emails,^[1] that company started to send out the incident involves a document from 2018 that stored email addresses, account user names, and other details about sales and communication or server usage. DigitalOcean is one of the biggest web hosting platforms, so the document included data about customers, including technical account information about the number of servers owned and bandwidth usage, amount of money paid during the year 2018.^[2]

As the company stated in their official notification, the document was mistakenly left public, and it was left accessible online for a not disclosed time. However, officials ensure that it was accessed at least 15 times, as their investigations show. The security team identifies that besides this internal document, no additional parts of the network or customer database got accessed.^[3]

Updated statements from officials addressed the malicious access possibility and noted that there is no evidence regardless of such an issue. The only personally identifiable information^[4] that was exposed was stored on the particular 2018 file:

This was not related to a malicious act to access our systems. Our customers trust us with their data and we believe that an unintended use of that data, no matter how small, is reason enough to be transparent.

Less than 1% of the customer base got impacted – no malicious access confirmed

The email with warning is still coming to peoples' email boxes and informing users about the security issue. The discovery and a quick investigation revealed that the file contained only 1% of the total customer base. It was accessed by unauthorized third-parties 15 times, at least until it was taken down completely.

This incident is not indicating that the official website of the company is affected or compromised. Attackers were not accessing anything besides the file, so the login credentials of customers are not leaked or in danger.

Customers shouldn't rush into changing their login information. But service offers to enable the two-factor authentication for all the customers as the additional security measurement.

Security incidents encouraging updates in security protocols

The web hosting provider DigitalOcean ensures that any details in customers' servers are safe and not affected in this incident, so the community should trust the transparency of the company. DigitalOcean tries to work to ensure that this is not going to happen again and claims to educate employees on customer data protection.

Establishing new procedures to alert us of potential exposures in a more timely manner, and making configuration changes to prevent future data exposure,

Data breaches and other similar security incidents often come to warn businesses and infrastructures about possible risks and vulnerabilities. The recent situation in the world regarding such incidents encouraged many developers^[5] and companies to take security more seriously. Security experts often note how important is to ensure the correct protocols and precautionary measures when it comes to customer data and security and hacking risks.