iTnews

ABBYY 'temporary data breach' exposed 200,000 scanned docs

By Staff Writer, SC Magazine on Aug 28, 2018 2:40PM
ABBYY 'temporary data breach' exposed 200,000 scanned docs

Database left open to internet.

ABBYY, a maker of optical character recognition software, left an AWS-hosted MongoDB containing 142GB of scanned documents open to the public internet.

Independent security researcher Bob Diachenko found the openly accessible MongoDB instance and said it was taken down by the company within two days of being notified.

However, Diachenko said in a LinkedIn post that “questions still remain as of how long it has been left without password/login, who else got access to it and would they notify their customers on the incident.”

ABBYY said in a statement to Diachenko that the “temporary data breach ... affected one of our customers.”

“We corrected this issue and appreciated your validation that the vulnerability noted was resolved,” it said.

“We have notified the impacted party and have taken a full corrective security review of our infrastructure, processes and procedures.  Our commitment to security and trust is extremely important.”

The open database contained 200,000 “contracts, NDAs, memos, letters and other internal documentation, properly OCR'd and stored”, according to Diachenko.

ABBYY provides a wide range of software and apps for digitising paper-based assets.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
abbyy data breach ocr security

Partner Content

Beat the DDoS blackmails in 2021
Partner Content Beat the DDoS blackmails in 2021
Why companies fail at picking cloud modernisation partners
Partner Content Why companies fail at picking cloud modernisation partners
Shut the door on ransomware
Partner Content Shut the door on ransomware
MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics
Partner Content MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics

Sponsored Whitepapers

The risky business of open source
The risky business of open source
Ensure your e-signatures are legally binding
Ensure your e-signatures are legally binding
Mitigating open source risk in your organisation
Mitigating open source risk in your organisation
How to choose a WAF that's right for you
How to choose a WAF that's right for you
The global telco 5G cloud gaming opportunity
The global telco 5G cloud gaming opportunity

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
  • Beat the DDoS blackmailers in 2021
By Staff Writer, SC Magazine
Aug 28 2018
2:40PM
0 Comments

Related Articles

  • BTC Markets exposes customer names, emails in botched blast send
  • Orchard worker recruiter exposed sensitive personal data
  • City of Port Phillip leaks personal details in data.gov.au blunder
  • NSW govt requests to privacy watchdog climb 171 percent
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Telstra blasts plan to 'set aside' mobile spectrum for Optus and TPG, but not it

Telstra blasts plan to 'set aside' mobile spectrum for Optus and TPG, but not it

Google unravels state-of-art Android and Windows exploit chains

Google unravels state-of-art Android and Windows exploit chains

Tyro halts trading following week-long outage

Tyro halts trading following week-long outage

Defence switches on initial SAP ERP system capability

Defence switches on initial SAP ERP system capability

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.