Though this was secured after being informed, the exposure could be leveraged for various malicious activities if found by the threat actor before. Thus, customers of Sennheiser from North America and Europe are advised to be cautious, who submitted any details to the company in the past.
Exposing Customers PII
Companies exposing their customers’ data due to improper storage configurations have become normal lately. The latest one joining this pack is the popular German audio gadget maker – Sennheiser. Being in business since 1945, Sennheiser is still a privately owned business maintained by the founder’s family. It produces audio equipment like headphones, microphones, sound recorders, and aviation headsets for individuals and businesses.
— vpnMentor (@vpnmentor) December 16, 2021 Thus, the contents of exposed information include;
Full names Email addresses Phone numbers Home addresses, and Names of companies requesting samples of over 28,000 customers from 2015-2018.
This was soon informed to Sennheiser, and the company responded by securing the servers within a week. However, while it’s secured now, it’s unknown whether anyone has accessed the exposed bucket before researchers, putting the concerned customers at risk. With the above details being leaked, customers can be subjected to identity theft, tax fraud, insurance fraud, mail fraud, bank account takeover, debit or credit card fraud, or mortgage fraud or data storage format, said, researchers. While Sennheiser hasn’t come up with an announcement yet, it’s the customers’ job to safeguard themselves from any potential cyberattacks. It was found that most impacted customers are from North America and Europe, so should watch out for any hacks carefully.