Thomson Reuters said it has notified a “small subset of customers” of a misconfigured server after researchers discovered 3 TB of data in an exposed cloud database.
Thomson Reuters confirmed that it was alerted to the misconfigured servers by Cybernews, a cybersecurity research organization, which found they had been left accessible since October 21.
The company published a report saying their researchers found three databases accessible to anyone, one of which had “a trove of sensitive, up-to-date information from across the company’s platforms.”
Cybernews said evidence from the server showed that the open instance “was used as a logging server to collect vast amounts of data gathered through user-client interaction,” with some data samples logged as recently as October 26.
“In other words, the company collected and exposed thousands of gigabytes of data that Cybernews researchers believe would be worth millions of dollars on underground criminal forums because of the potential access it could give to other systems,” the researchers said. Among the cache were “credentials to third-party servers.”
The Thomson Reuters spokesperson said an investigation was launched as soon as Cybernews notified them of the issue.