Breach In ENC Security Server Leads To Leak Of Critical Business Data
By: Jim Stickley and Tina Davis
January 20, 2023
There have been reports of ENC Security leaking sensitive business data. The leak has been going on since May 2021. The company provides encryption software for storage devices such as USB keys and memory cards. This is a concerning development for anyone who has purchased a SanDisk, Sony, or Lexar storage device in the past, as it is possible that their personal data may have been compromised.
ENC Security is a Netherlands-based company that supposedly offers “military-grade data protection” using its DataVault encryption software. However, according to the reports of the Cybernews research team, there was a leaking server that disclosed a range of several configuration and certificate files, making the encryption vulnerable, if an unauthorized party accessed the leaked files.
The report also points out that the server leaked crucial business information, such as SMTP credentials required for sales channels, HMAC message authentication codes, private and public keys, licensing payment API keys, Mailchimp API keys, and single payment platform’s Adyen keys.
What does this mean? Well, an attacker could use the information to set up targeted phishing campaigns, like send out fake invoices pretending to be a legitimate vendor. This could ultimately lead to business email compromise (BEC), where someone is tricked into wiring funds to a bad actor, rather than the legitimate business contact.
Being able to detect phishing is a valuable skill to have for anyone in any organization and for anyone at all. Phishing attacks are not choosy about age, gender, status, or anything else. But, they can be particular with their targets in some caes. This is true for those with access to information that may be valuable to an attacker or for those working in the financial areas of a company. They will take time to figure out who those people are in many cases.
A couple of easy ways to identify phishing are:
- Misspelled words
- Poor grammar and punctuation
- Blurry graphics and images
- A link or attachment that is not expected or is from an unknown sender
- An outrageous request or request to change wiring instructions that are not expected
- A threat that if quick action is not taken, something bad will happen
This server had been exposing data from May 27, 2021 to November 9, 2022. Fortunately, ENC Security shut down the server after Cybernews revealed the leaking server and the threat it caused to the businesses.