The hosting provider Digital Ocean has informed some customers about security problems, due to which a number of details about their accounts were disclosed to third parties.
– Lucas Leal (@lucaslealdev) May 8, 2020
According to the letters that the company sends out, the leak occurred due to the fact that some internal Digital Ocean document mistakenly appeared in the public domain, where strangers could see it. It is known that unknown persons accessed this internal document at least 15 times while it was available online.
Representatives of the hoster write that the file contained information about about 1% of the total client base of the company.
In the leaked document, one could find several types of user data, including customer email addresses and their corresponding user names, technical data of accounts, including the number of droplets (servers) owned by the client, bandwidth usage, information about contacting support or sales department, the amounts paid by the client during the calendar year 2018.
Digital Ocean experts assure that so far they have not found any attempts to unauthorized access to the servers of the affected clients.
“Our community is built on trust, so we are working to ensure that more of this does not happen again,” the company writes. “We will train our employees to protect customer data, introduce new procedures for more timely notification of potential incidents, and also make configuration changes to prevent possible data leaks in the future.”