The database, alarmingly, contained data of over 51,000 customer service exchanges and included personal details, thus jeopardising individual customer identities. It housed explicit information such as customer names, email addresses, phone numbers, and specific timestamps of their interactions. Notably, the data provided in-depth details of chat exchanges with support agents and pertinent order information.
An intriguing observation within the database revealed that each customer query was evaluated based on certain keywords, which determined the “sentiment” of the complaint, categorising them as either “negative” or “neutral”. This evaluation further influenced the “priority” of these interactions in the queue.
Among the disclosed data, certain aspects were particularly perturbing. The “chat” section divulged details regarding the customer’s operating system, browser, location, and even their internet service provider. Moreover, the “phone” section displayed comprehensive call details, often inclusive of transcripts with intricate order information. Thankfully, this breach did not expose any financial details or passwords.
The database, intriguingly labelled as “migration”, is postulated to act as a transient repository during data movement between servers. The pressing query that lingers is: How could such a database remain unprotected in the vast expanse of the internet?
Source: Tech Crunch