image credit: Pixabay

Cosmetics firm Avon faces new cyber security incident

July 29, 2020

Avon, the cosmetics brand that suffered an alleged ransomware attack in June 2020, has found itself at the centre of a new and significant security incident after inadvertently leaving a Microsoft Azure server exposed to the public internet without password protection or encryption.

Discovered by Anurag Sen of security tool comparison service SafetyDetectives, the vulnerability meant that anybody who possessed the server’s IP address could have accessed an open database of information.

Read More on Computer Weekly