Cloud hosting provider DigitalOcean has unveiled a data breach after a flaw disclosed customers’ billing information. To take control of the matter, the company sent out an email to the affected customers. The email informed about a “flaw” that enabled an unapproved user to access customers’ billing details between April 9th, 2021, and April 22nd, 2021.
“An unauthorized user gained access to some of your billing account details through a flaw that has been fixed. This exposure impacted a small percentage of our customers,” reads the email sent to consumers. The email further informs that the breached information comprises a customer’s billing name, billing address, payment card expiration, last four digits of credit card, and the payment card’s bank name.
Moreover, DigitalOcean declares that they have fixed the flaw and revealed the breach to data protection authorities. However, it is not clear which of the agencies were notified. Tyler Healy, VP Security at DigitalOcean, stated that this flaw disclosed only 1% of billing profiles. In addition to patching up the vulnerability, DigitalOcean has stated that the company has also added additional security controls to user accounts.
Furthermore, the firm also guarantees to further expand its security measures to prevent such situations from occurring again in the future. Applicable privacy authorities have also been reported the data breach. Corporations with clients in Europe are subject to GDPR and can face penalties of up to 4% of their global annual revenue.
Last year, the cloud company raised $100 million in new debt, followed by another $50 million round, months after downsizing the company due to the firm’s financial health. In March, the organization went public, raising about $775 million in its primary public offering.
Image Source: WPEXPLORER