Not a day goes by without a new data leak, by the look of things. Certificate authority Let’s Encrypt has been leaking customer details as of late, albeit it only concerns email addresses. So far, no reports indicate passwords or other sensitive user information was leaked as well.
Let’s Encrypt Is Not So Secure After All
Whenever a hacker manages to access sensitive user details, there is a great cause for concern. But data leaks do not always occur as the result of hacking. In some cases, companies themselves will leak sensitive user information, such as email addresses. Albeit this may not sound significant, these users will be facing a lot more spam and other social engineering attempts via emails.
In the case of Let’s Encrypt, a very popular online certification authority, they accidentally leaked email addresses belonging to several thousand users. The company also acknowledged this unfortunate incident on their social media account. Moreover, the team apologized for the error:
We’re aware of an issue with emails sent over the past few hours and apologize for the error. More information: https://t.co/ExiCXCuCpb
— Let's Encrypt (@letsencrypt) June 11, 2016
Albeit the email sent to its users was not malicious by any means, the update subscriber agreement had some unfortunate consequences. All of the email addresses belonging to the subscriber list were made publicly available. Keeping in mind how there are 7,618 email addresses on this list, that is quite a lot of sensitive information being leaked.
What is rather interesting is how not all subscribers saw the same amount of leaked email addresses. Every email contained an address from the emails sent before it, and earlier messages contained far less information. Things could have been much worse, though, as the system had originally planned to send out 383,0000 emails.
Source: Threatpost
If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.
