Blog | G5 Cyber Security

LenovoEMC Storage Gear Leaks Sensitive Financial Data

A vulnerability in LenovoEMC storage hardware and legacy Iomega-branded network attached storage (NAS) appliances could lead to a breach of data stored on the devices. The vulnerability was discovered by researchers who stumbled on 36 terabytes of data, which included payment-card numbers and financial records. The bug, disclosed Tuesday by Lenovo, is rated high-severity and can be triggered via specially crafted requests made to the hardware s application programming interface. The issue is with the NAS firmware, which requires the update.

Source: https://threatpost.com/lenovoemc-storage-leak-financial-data/146494/

Exit mobile version