Religious website service Clover Sites exposed customer data for at least six to seven months, with the dataset found twice in two separate, insecure cloud databases. Clover offers a content management system for building and managing faith-based websites, with a Clover Donations module for accepting money online. The exposed data appears to be all of Clover Site s customer accounts, past and present, researcher Jeremiah Fowler wrote in an analysis this week. The same data set popped up in a separate unsecured database about a month before Fowler’s discovery. Clover refused to take the issue seriously until October, five months after he originally reported the issue to the company.
Source: https://threatpost.com/religious-website-data-exposed-months/149535/