A vulnerability in the Outage app of electricity network provider Vector may have exposed the personal information of more than 35,000 customers in New Zealand. Following the severe storm which battered the country earlier this month, the company was “made aware” of an API vulnerability within its application. As a result, the glitch has allowed users with an understanding of web applications to identify the vulnerability and potentially exploit it to see information about other application users. The provider first reported that as many as 24,000 users may have had name, phone number and address details accessed, before updating the number to 35,000.
ORIGINAL SOURCE: Reseller