The Estée Lauder Companies Inc. accidentally left over 440 million records publicly exposed after failing to password-protect a corporate database, according to a researcher who spotted the oversight. The misconfigured database was found to contain user emails in plain text, including those sent from internal email addresses; references to reports and internal documents; and IP addresses, ports, pathways and storage information. Additionally, it stored Production, Audit, Error, CMS and Middleware logs. All in all, a grand total of 440,336,852 was left open for public discovery.
Source: SC Magazine
