ADVERTISEMENT

Enterprise software provider Tmax leaks 2TB of data

A Korean IT company developing and selling enterprise software has leaked over 50 million sensitive records.

Tmax logo

By Cybernews

Jurgita Lapienytė
Jurgita Lapienytė Chief Editor
Nov 21, 2023 Updated: 22 November 2023 2 min read
  • Employee names, emails, and phone numbers
  • Employee/employment contract numbers
  • Contents of sent attachments (docx, pdf)
  • Metadata of sent binaries (executable names, the file path of where they were stored, version names, etc.)
  • Employee IPs, user agents, and URLs of accessed internal tools
  • Internal issue tracking messages
ADVERTISEMENT
  • Employee emails – the company should change its email naming structure, employ stricter SPAM filtering policies, and provide training for employees on how to spot and report phishing emails.
  • The company should change employee phone numbers and start using EDR on employee phones.
  • Employee/employment contract numbers – the company should make sure that they don’t use these as secrets (username or password, or a second-factor authentication).
  • Contents of sent attachments and binary metadata – the company should review these documents, looking for any weak points that might be abused, and update their threat landscape according to their findings.
  • The company could provide credit and dark web monitoring services for their employees.
  • Employee IPs, user agents, and URLs of accessed internal tools – the company should monitor these tools more closely and not rely on Static IPs or user agents to verify the legitimacy of the connection.
  • Internal issue tracking messages – the company should prioritize fixing any tracked issues that could compromise the security of their products.
ADVERTISEMENT