• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Cyber Security Solutions, Compliance, and Consulting Services - IT Security

We offer It security management, data, network, & Information security services for protecting information & mitigating security risks to your organization.

  • Home
  • About Us
  • Solutions & Services
    • Security Governance
    • NETWORK SECURITY
    • CLOUD SECURITY
  • COMPLIANCE
  • SECTORS
  • Blog
  • CONTACT

Retailer Company Hit With Ransomware After Reveling Customer Data

By kamran | At October 22, 2022

Oct 22 2022

Retailer Company Hit With Ransomware After Reveling Customer Data

An online retailer company, Esquimal, leaked their customers’ data in an open server. Malicious actors immediately found the leak and asked for ransomware from the company while blocking their access.

During an investigation, the Cybernews research team found an unprotected server with 9.2 GB of vulnerable data from thousands of customers, containing personal information like names, contact numbers, and email addresses. 

The leaked data was of the customers of a Mexico-based online retailer, Esquimal. 

The data consisted of personal information that customers gave while placing orders. Surprisingly, all that personal information was kept on an unprotected server. 

One of the members of the Cybernews team said, “Whenever a company is hacked, they will bear the impact financially, reputationally, and depending on other circumstances, executives or boards can be held liable with civil, even possibly criminal, charges,”

Plaintext Credentials

Unfortunately, customers’ personal information was not the only thing that was compromised. They also leaked data consisting of crucial plaintext credentials. Moreover, there were names, emails, and passwords of many Esquimal employees. 

The malicious actors could use those credentials to log in to the company’s database anytime they want. Also, they could hack Esquimal’s customer support system; chat support, WhatsApp, and Facebook Messenger. Eventually, cybercriminals can access a lot of important information through the customer support system.

The Ransomware Hit

The Cybernews team took notice of the situation and immediately contacted Esquimal. The team also found a ransom note on the server. 

The threat actors took advantage and hit the company with ransomware of 3000 Euros. Also, they demanded the money be deposited in a cryptocurrency wallet. 

Even though the company handled the situation and the ransom note disappeared after a couple of days, Esquimal continued storing the sensitive data without any protection. 

Moreover, the cybernews team found that the sensitive data also disappeared from the servers, which means the company decided to compromise the data instead of paying the ransom and protecting the sensitive data.

The cybernews team also said, “Most customer support systems collect a large amount of personal information, often way more than is needed to process the request,”

Costly Mistakes

Companies, especially online retailers, often make the mistake of carelessly leaving the sensitive and personal information of their customers on open servers. Honestly, customers’ privacy is the least of their concerns, which leads to major data leaks and cyber crimes. 

When such leaks and hacks happen, it is just not the customers who are impacted. In fact, the company also faces massive losses, both reputationally and financially. 

The two main reasons companies accidentally compromise the data are lack of knowledge and access management skills. It is essential for companies to determine what access should be given to whom. 

In short, companies should start taking security measures to protect themselves and their customers from cyberattacks and financial losses. They should learn to manage their databases efficiently, create awareness among employees about the importance of customer privacy, and explain the possible cybersecurity threats to them. 

Written by kamran · Categorized: Cyber security news, Ransomware

Primary Sidebar

Recents post

Healthcare Ransomware Surges, Pharma Sector at Risk, Major Breaches & Legal Fallout

As cyber threats grow more … [Read More...] about Healthcare Ransomware Surges, Pharma Sector at Risk, Major Breaches & Legal Fallout

Law Firms Cybersecurity Updates: AI-Powered Threats to SIEM Tools and More

Welcome to another edition of … [Read More...] about Law Firms Cybersecurity Updates: AI-Powered Threats to SIEM Tools and More

Healthcare Under Attack: Ransomware Trends, Data Breaches, and the Role of Cyber Insurance

As cyberattacks continue to … [Read More...] about Healthcare Under Attack: Ransomware Trends, Data Breaches, and the Role of Cyber Insurance

Categories

  • AI and cybersecurity (2)
  • blockchain (1)
  • Cloud security (29)
  • Compliance (25)
  • Cyber security news (108)
  • Cyber security threats (376)
  • Cyber security tips (370)
  • Data Security (3)
  • E-Commerce cyber security (3)
  • Education cyber security (1)
  • Enterprise cyber security (7)
  • Financial organizations cyber security (4)
  • General (22)
  • Government cyber security (4)
  • Healthcare cyber security (19)
  • Information Security (2)
  • Law Firms Cyber Security (9)
  • Network security (9)
  • Newsletter (1)
  • Privacy (1)
  • Ransomware (14)
  • remote work (1)
  • Risk assessment and management (6)
  • Security management and governance (9)
  • SME Cybersecurity (2)
  • Software Security (2)
  • Supply Chain Attacks (5)
  • System security (3)
  • Uncategorized (21)
  • Vendor security (14)

Archives

Footer

Infoguard Cyber Security

San Jose Office
333 W. Santa Clara Street
Suite 920
San Jose, CA 95113
Ph: (855) 444-6004

Irvine Office
19800 MacArthur Blvd.
Suite 300
Irvine, CA 92612

Recent Posts

  • Healthcare Ransomware Surges, Pharma Sector at Risk, Major Breaches & Legal Fallout
  • Law Firms Cybersecurity Updates: AI-Powered Threats to SIEM Tools and More
  • Healthcare Under Attack: Ransomware Trends, Data Breaches, and the Role of Cyber Insurance

Get Social

  • LinkedIn
  • Home
  • About Us
  • Solutions & Services
  • COMPLIANCE
  • SECTORS
  • Blog
  • CONTACT

Privacy Policy Terms of Use Acceptable Use

Copyright © 2025 | All right reserved