In yet another super-sized cloud data breach, Walmart’s Bonobos men’s clothing store suffered a 70 GB theft from its cloud backup server. A notorious threat actor called ShinyHunters is responsible for the breach, which captured the contents of the backup server and exposed the personal information of millions of Bonobos customers. The root cause was a misconfigured cloud database, a problem that is becoming more prevalent as dependence on cloud services continues to grow. ShinyHunters is well known for selling databases hijacked from online services, but in this case the full database contents were posted for free on a hacker forum.
Bonobos, purchased by Walmart in 2017, says their corporate systems weren’t involved in the hack. What was included were customer files including addresses, phone numbers, password histories, partial credit card numbers, and order information. One hacker claimed to have cracked 158,000 of the customer passwords, putting them into a “combolist” used for credential stuffing and targeted phishing attacks.
Clouds in the Crosshairs
At a time when more employees are working from home than ever before, the cloud has become an invaluable part of a company’s data storage. For Bonobos, the cloud settings were misconfigured in a way that allowed the breach. The responsibility for those settings still falls on the company, even though cloud settings are often put in place by third parties, who are frequently the ones actually securing the business data. Assuming a third party will apply the proper settings to secure cloud data is a mistake far too many businesses are making. Securing the cloud should be a shared responsibility between cloud providers and the companies that use them, and Bonobos has become a prime example of what happens when that sharing fails. Gartner believes that by 2022, more than 95% of cloud security failures will be the fault of the cloud customer. Unfortunately, finger-pointing won’t recover stolen cloud data, and online retail customers should take action to protect their Bonobos and other accounts from further damage.
Bonobos Customer Security Steps
Immediately change your Bonobos account password, and do the same for other accounts sharing the same password.
When strong and unique passwords are used for every account, it keeps data stolen from one site from affecting other accounts.
Beware of emails asking for login or credit card information. These are likely phishing attempts by those who obtained your data from the Bonobos hack.
Bonobos is sending email alerts to customers about the data breach. Double and triple check that any such email is legitimate and not part of a phishing campaign by bad actors. Remember not to click links; instead, go directly to the website and log in to your account to check your account information.