The cloud-hosted service gave informed the California Department of Justice about supposedly theft
Animoto, the cloud-hosted video creation service informed to the California General Attorney office that they had discovered suspicious activity in their systems last week, indicating a possible data breach due to a violation on their cyber security organization systems.
The compromised information includes dates of birth, geolocation, genres, email addresses and passwords, although it seems that payment card information remain safe.
According to the information released by Animoto, the company began to investigate after receiving an unusual activity alert on July 10. “After the review, we identified queries that were running against the user database. Queries were immediately stopped and a joint investigation with cyber security organization experts began”, the statement mentions. On 6 August, it was confirmed that the queries were not authorized and that the user data could have been obtained around July 10, 2018.
Based in new York and with an office in San Francisco, Animoto began reporting to potentially affected persons on August 16; the notification tasks continues, adding that in response to the incident, the company has changed employees and systems passwords, requesting users of the service to do the same with their passwords. Animoto also reduced the number of users who can access certain systems.
Data breaches in cloud-hosted environments are often the result of flawed configurations and poor cyber security organization habits. With increasingly automated cloud attacks, the time to detect and respond to such scenarios is extremely brief. Any access route will be discovered and used quickly to exploit an organization’s valuable assets. Companies need to monitor their threat scenarios in real time and make their different teams comply with established security policies. Continuous compliance and active protection in cloud-hosting are essential for maintaining secure and protected confidential information.
Reports of cyber security organization specialists from the International Institute of Cyber Security mention that data breaches increase by 27% each year, so organizations that work with large amounts of sensitive information should meet the highest standards in cyber security to avoid being victims of these threats.