Digital Marketing Agency Exposed 92 Million Records Online Including Employee and Client Data.

Jeremiah Fowler

Jeremiah Fowler

Director of Security Research and Senior Communications Consultant

2 minutes read
Digital Marketing Agency Exposed 92 Million Records Online Including Employee and Client Data. - Security Discovery

Several months ago I discovered a non-password protected database that contained 92 million records. Upon further investigation it appeared to belong to the Cronin digital marketing agency. The exposed server was named “Cronin-Main” and many of the records contained references to Cronin. These records included internal data such as employee and client information. Also included in the dataset was a “Master Mailing List” with direct physical names, addresses, Salesforce IDs, phone numbers, and references to where the leads came from.

We are finally going through a backlog of discoveries and highlighting the potential vulnerabilities and give real world examples the cyber security risks associated with the data breach.

Cronin digital marketing agency was acquired by Horizon Group of North America and has a clients list of well known American brands such as Dunkin Doughnuts, Lego, Henkel, Loctite to mention a few.

Here is what was discovered:

Click here to read my full report: 

← Back to Blog

Got your attention?

Stay ahead of cyber threats with Security Discovery. We offer expert consulting, comprehensive services, and a powerful vulnerability monitoring SaaS platform. Protect your business proactively - get in touch today for personalized digital security solutions.

Address
Business Development
Virginia, United States
Address
Research & Development
Kyiv, Ukraine
Address
Technical HQ
Hamburg, Germany