Tarte Cosmetics, a cruelty-free cosmetics brand carried by major retailers like Sephora and Ulta, exposed the personal information of nearly two million customers via two unsecured MongoDB databases.
The databases were publicly accessible and included customer names, email addresses, mailing addresses, and the last four digits of credit card numbers of customers who apparently shopped on Tarte’s website between 2008 and 2017.
References: Tarte Cosmetics Data Leak: Cru3lty Hackers Get Hold of Nearly 2 Million Customers' Data Left Exposed | Tarte Cosmetics Allegedly Compromised 2 Million Customers’ Information | Cruelty-Free Cosmetics Brand Tarte Exposes Personal Data of 2 Million Customers
A little over a month ago, a sizable botnet of infected Internet of Things devices began appearing on the radar of security researchers. Now, just weeks later, it's on track to become one of the largest botnets recorded in recent years.
The botnet, dubbed "Reaper" by researchers, is said to have ensnared almost two million internet-connected webcams, security cameras, and digital video recorders (DVRs) in the past month.
Check out our new blog posts, plus you can follow the blog on our social media outlets.
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.