Menu
Commvault wades in as Veeam exposes 445M records

Commvault wades in as Veeam exposes 445M records

Error uncovered by security researcher Bob Diachenko

Ratmir Timashev (co-founder, Veeam)

Ratmir Timashev (co-founder, Veeam)

Credit: Veeam

News that Veeam left 445 million customer records on an open server from Amazon Web Services has created a feeding frenzy within the channel, spearheaded by industry rival Commvault.

The error was uncovered by security researcher Bob Diachenko, who found an exposed Veeam MongoDB containing 445 million records, equating to 200GB of data.

The exposed database contained information on marketing leads, including names and email addresses.

“Another week, another misconfigured MongoDB server incident,” wrote Diachenko, via social media. “This time, ironically, database appeared to be handled by Veeam, company that develops back-up, disaster recovery and intelligent data management software for virtual, physical and multi-cloud infrastructures.

"A 200-GB database included vast massives of data that is apparently used by Veeam marketing automation team to reach out to their customers using Marketo solution (Marketo is a software company focused on account-based marketing, including email, mobile, social, digital ads, web management, and analytics)."

After TechCrunch informed the vendor of the exposure, the publication said the server was "pulled offline within three hours”.

“The Veeam incident is unfortunate for a self-described intelligent data management company, but the reality is it could happen to any organisation,” said Chris Gondek, principal architect at Commvault.

“Rather than spread fear, uncertainty and doubt about a lack of capability, this incident should serve as a reminder to all organisations that data is an asset and a catalyst to many initiatives - and it must be protected.”

According to Gondek, all organisations must be prepared for data loss scenarios for "when, not if, it happens".

“Perimeter security is a prevention method, at best,” he added. “Organisations need a proper data protection plan, with particular focus around recovery readiness and disaster recovery.

“It’s also time organisations hold business vendors that deal in data to the same standards as you would financial institutions. Take data found in the cloud: there is a perception that the cloud is more secure; that they’re the specialists and your data is not at risk.

“At the end of the day, your organisation is responsible for your data and information, irrespective of where you place it.”


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags commvaultveeam

Featured

Slideshows

Reseller News launches alumnae breakfast for Women in ICT Awards

Reseller News launches alumnae breakfast for Women in ICT Awards

Reseller News hosted the first alumnae breakfast for the Women in ICT Awards in New Zealand, designed to showcase the leading female leaders in the industry. Held at The Cordis in Auckland, attendees came together to hear inspiring keynotes and panel discussions, alongside high-level networking among peers.

Reseller News launches alumnae breakfast for Women in ICT Awards
Reseller News Innovation Awards 2018: meet the top performing partners

Reseller News Innovation Awards 2018: meet the top performing partners

Reseller News honoured the industry’s finest on a standout evening for the New Zealand channel, recognising the achievements of established partners, emerging players and innovative start-ups, in front of over 460 technology leaders in Auckland.

Reseller News Innovation Awards 2018: meet the top performing partners
Show Comments