A non-password protected cloud database containing hundreds of millions of customer records and internal logs for cosmetic giant Est..e Lauder has been found exposed online. In all, 440,336,852 individual data pieces were exposed, according to researcher Jeremiah Fowler at Security Discovery. Middleware data was exposed, which can create a secondary path for malware through which applications and data can be compromised. Fortunately, there was no payment data or sensitive employee information included in the records that Fowler saw. It s unclear how long the database was exposed or who else may have accessed the records during that time.
Source: https://threatpost.com/estee-lauder-440m-records-email-network-info/152789/