- Security researcher find unencrypted database belonging to Australian fashion brand
- It contained names, email addresses, phone numbers, and more, of at least 3.5 million people
- SABO is warning users to be on their guard
Australian fashion brand SABO leaked sensitive data on millions of its customers by keeping an unencrypted, non-password-protected database on the internet, available to anyone who knew where to look.
Jeremiah Fowler, a security researcher known for discovering these types of leaks found a 292 GB archive, containing 3,587,960 .PDF documents containing names, physical addresses, email addresses, phone numbers, and other personally identifiable information (PII) belonging to both retail and corporate SABO customers.
The number of entities whose information was leaked could be around 3.5 million, but it could also be – fifty times as many.
Locking the database down
“In one single PDF file, there were 50 separate order pages, indicating that the total number of potential customers is higher than the total number of PDF files in the database,” Fowler explained.
The information was generated via an internal document management storage system, designed to track sales and returns, as well as the corresponding domestic and international shipping documents.
Since the file dates range from 2015 to 2025, it is safe to assume that some of the information is outdated, and some is highly relevant.
Fowler reached out to SABO with the information, and the database was locked down “within hours”. However, the company never replied to the researcher’s email, so we don’t know for how long the database remained open, who maintained it, or if someone managed to find and exfiltrate the information before he did.
SABO is an Australian fashion brand, designing and selling exclusive collections of clothes, shoes, swimwear, sleepwear, and formal attires. It is primarily an Australian brand, operating in the country. However, it also sells its products online and allows for worldwide shipments.
It currently has three stores in the country and has reported an annual revenue of $18 million for 2024.
You might also like
- Dior fashion brand hit by cyberattack and customer data leaked – here’s what we know
- Take a look at our guide to the best authenticator app
- We’ve rounded up the best password managers
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.