- VTEX -Database exposed six million users due to an incorrectly configured, unauthorized Sky Container
- Leaked data includes e emails, addresses, phone numbers and detailed purchase stories
- Cybergenws warned VTEX and Brazilian Cert after six months without response from VTEX
The global E -trading company VTEX was found leaking sensitive customer data on millions of people, experts have warned.
The alarm was sounded by cyber security scientists at CygenerwsAt Who claimed despite their best efforts, they couldn’t reach VTEX and get the company to connect the leak.
Cybergenws said its researchers in late February 2025 discovered an unprotected database containing a “massive chunk” of user data. “The data cover derives from an unauthorized container. This is a common incorrect configuration caused by human error leaving the cloud storage environment without a password. It makes private data potentially visible that search engines and available to all online,” the report states.
No answer
In total, six million people allegedly have their information outdoors, including E email addresses, mailing addresses, phone numbers, order information and other purchase stories -more than enough information to start phishing attacks, identity theft and possibly even wire fraud.
The information was stored in parquet format, a column data storage type used to organize large datasets that are often part of a wider data analysis system.
Cygenerws Tried to reach VTEX to make them unlock the database, but allegedly they’ve never heard back – in more than six months.
The researchers were then forced to report the conclusions of the Brazilian certificate as well as to publicly reveal their conclusions.
“We have decided to send our findings to help customers remain vigilant in front of the seasonal shopping -gallblest that is about to kick off,” Cygenerws Said, referring to the fast -paced Black Friday.
VTEX is a Brazilian software company that offers a Cloud Commerce Platform (SaaS) for Digital Trade. It operates in 38 countries, strengthens more than 3,000 online stores and services large brands such as Coca-Cola, Sony or Samsung.
If you made purchases from any of VTEX’s clients at the end of 2024 and early 2025, there is a good chance that you are affected. You can always run your E -Mail address via GardenPwned? To see if you are exposed and you can also be aware of the incoming spam -e emails to see if anyone comes from VTEX’s customers -just make sure not to interact with any of the incoming messages.
Follow Techradar on Google News and Add us as a preferred source To get our expert news, reviews and meaning in your feeds. Be sure to click the Follow button!
And of course you can too Follow Techradar at Tiktok For news, reviews, unboxings in video form and get regular updates from us at WhatsApp also.
