Adding to the growing list of security breach victims, another incident exposing customer data has surfaced online. This time, the affected company is Open Exchange Rates, a commercial API provider that serves many companies.
Open Exchange Rates data breach
Reportedly, Open Exchange Rates has disclosed a data breach that affected customers' personal information.
News of the incident became public after the breach notice sent by the company appeared online.
As explained in their letter, the company noticed the breach after receiving many complaints about its API.
“On Monday 2 March 2020, we received reports that requests to our API were taking longer than usual to receive a response, which resulted in a timeout period for a number of users.
Upon investigation, we determined that this was the result of a wrong network configuration.”
Further investigation into the matter made the company aware of a security breach.
“While correcting the underlying network issue, we determined that changes were made to the AWS environment through an unauthorized user account.”
Specifically, they found that an unauthorized user had gained access to their AWS infrastructure using a compromised secure access key, and through it to their database.
Digging further revealed that the attacker first accessed the company's systems on February 9, 2020. The attack went undetected for about a month.
While the attack does not appear to have specifically aimed at stealing user data, the compromised database contains some customer information. This includes usernames, email addresses, hashed passwords, IP addresses, business names and addresses, country, website address, and account application IDs.
Security measures in progress
Upon discovering the breach, Open Exchange Rates acted quickly to contain the attack and begin investigating. At present, they do not guarantee that the compromised data will not be misused, although they did not store any passwords in plain text.
However, as a precaution, they reset passwords for all users. They also recommend creating new API keys.
“Since the application IDs (API keys) connected to your account may also be affected, you may also wish to create new IDs to access the service via your account control panel. We have no evidence that it is used to access the API, however it can be used to inquire about exchange rate information from our service using your account.”