
Thomson Reuters collected and leaked at least 3TB of sensitive data

Thomson Reuters left an open database with sensitive customer and corporate data, including third-party server passwords in plaintext format.


Vilius Petkauskas, Deputy Editor
Oct 27, 2022 (updated 3 November 2022)
  • Media giant with $6.35 billion in revenue left at least three of its databases open
  • At least 3TB of sensitive data was exposed, including Thomson Reuters' plaintext passwords to third-party servers
  • The data the company collects is a treasure trove for threat actors, likely worth millions of dollars on underground criminal forums
  • The company immediately fixed the issue and started notifying its customers
  • Thomson Reuters downplayed the issue, saying it affects only a “small subset of Thomson Reuters Global Trade customers”
  • The dataset was open for several days, while malicious bots are capable of discovering such instances within mere hours
  • Threat actors could use the leak for attacks ranging from social engineering to ransomware

The leaked data

Examples of passwords/credentials to a third-party server (top) and connection string logs (below) on the database. Image by Cybernews.

“This instance left sensitive data open and was already indexed via popular IoT search engines. This provides a large attack surface for malicious actors to exploit not only internal systems but a way for supply chain attacks to get through,” Sasnauskas said.

The company’s investigation


Significant impact

“Information stored on the server is extremely sensitive. Cases like these raise questions about corporate data collection practices. The ramifications of a data leak of such scale are worrying to say the least,” Sasnauskas explained.

Why did it happen?

Exposed in the past?

“This non-production server only houses application logs from the pre-production/implementation environment of that product and is only associated with a small subset of Thomson Reuters Global Trade customers,” the company explained.

Avoid at all cost
