Crowd Funding Website Breached! Access to Development Server To Blame

Thursday, October 08, 2015

Peter Zavlaris


‘Yesterday I learned that there was unauthorized access to a Patreon database containing user information.’ - Jack Conte, CEO Patreon

Patreon, the crowd funding website, suffered a breach late last month. The cause was an unguarded development server, which was left online. According to Patreon’s CEO, Jack Conte, the development server was accessed by a third party, and customer contact information was stolen.

Unfortunately for Patreon and its customers, the development server housed a snapshotted version of one of Patreon’s main databases, which stored the leaked customer information.

To the best of Conte’s knowledge, no passwords were leaked:

We protect our users’ passwords with a hashing scheme called ‘bcrypt’ and randomly salt each individual password. Bcrypt is non-reversible, so passwords cannot be “decrypted.” We do not store plaintext passwords anywhere.
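The salting property Conte describes, as an added illustration that is not Patreon's code: a standard-library stand-in for bcrypt (pbkdf2_hmac, since bcrypt itself needs a third-party package) that stores a fresh random salt beside each hash, verifies with that stored salt, and includes an audit a defender might run over a database snapshot like the one that leaked to confirm every row carries its own salt. The function names, the iteration count and the sample users are constructed for the example.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional

# Stand-in for bcrypt (constructed demo, not Patreon's scheme): the property
# shown is the same, a random per-password salt stored with a one-way hash.
ITERATIONS = 100_000  # constructed value for the demo; raise it in production


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return 'salt_hex$hash_hex' using a fresh 16-byte random salt."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the salt stored in the record and compare in constant time."""
    salt_hex, digest_hex = stored.split("$", 1)
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), ITERATIONS
    )
    return hmac.compare_digest(candidate.hex(), digest_hex)


def audit_snapshot(records: Dict[str, str]) -> List[str]:
    """Flag rows in a snapshot that undermine per-user salting: a value with no
    salt field at all, or a salt reused across users (same salt, same password
    would give the same hash and reveal shared passwords)."""
    findings = []
    seen_salts = {}  # salt_hex -> first user seen with it
    for user, stored in records.items():
        if "$" not in stored:
            findings.append(f"{user}: unsalted or plaintext value")
            continue
        salt_hex = stored.split("$", 1)[0]
        if salt_hex in seen_salts:
            findings.append(f"{user}: salt reused from {seen_salts[salt_hex]}")
        else:
            seen_salts[salt_hex] = user
    return findings


if __name__ == "__main__":
    # Constructed sample: two users who chose the same password.
    snapshot = {"alice": hash_password("hunter2"), "bob": hash_password("hunter2")}
    print(snapshot["alice"] != snapshot["bob"])  # True: different salts, different hashes
    print(verify_password("hunter2", snapshot["bob"]))  # True
    print(audit_snapshot(snapshot))  # []
```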

Development servers may not seem like an attack vector. However, the Las Vegas Sands Corp suffered a catastrophic breach in 2014; Iranian hackers broke into the network using an unguarded development server.

Breaches like these are indicative of a larger issue facing security organizations: vulnerabilities in third-party cloud services that are used by departments outside of IT to stand up corporate digital assets. According to studies, 30% of IT spending occurs outside the IT department.

The root of the problem is that most enterprises espouse a ‘siloed mentality’. Inter-departmental cooperation is largely nonexistent and often discouraged. The meetup point for IT used to be the data center, but that is no longer the case.

Security has a real problem. It's increasingly left in the dark until an incident occurs. This trend is proliferating across enterprises of all sizes. Moving forward, CISOs will increasingly be forced to address security incidents occurring outside their perimeter.

Conventional wisdom would suggest that more stringent policy and enforcement of internal IT practices would prevent these problems. However, it just isn’t that simple any longer.

These developments have led to the rise of digital footprint security, an approach designed to lower an organization’s exposure to external threats that reside outside the firewall.
