According to TechCrunch, DigitalOcean has warned customers via email about a data breach with the customer’s billing data.
The cloud infrastructure giant told its customers on Wednesday in an email it received from TechCrunch that it “has confirmed unauthorized disclosure of details related to the billing profile in your DigitalOcean account.” The company said the person “gained access to some of your billing account information through a bug that has been fixed” between April 9 and April 22 over a two week period.
In the email, the customer’s billing name and address as well as the last four digits of the payment card, the expiry date and the name of the card-issuing bank were given. The company stated that customers’ DigitalOcean accounts were “inaccessible” and passwords and account tokens were “not involved in the breach”.
“To be extra careful, we have implemented additional security monitoring for your account. We are expanding our security measures to reduce the likelihood of such an error [sic] in the future, ”says the email.
DigitalOcean said it fixed the bug and notified data protection authorities, but it is not clear what the obvious bug was that compromised customers’ billing information.
In a statement, DigitalOcean’s chief security officer Tyler Healy said 1% of billing profiles were affected by the breach but declined to answer our specific questions, including how the vulnerability was discovered and which authorities were informed.
Companies with customers in Europe are subject to the GDPR and can expect fines of up to 4% of their worldwide annual sales.
Last year the cloud company did raised $ 100 million in new debt followed by another $ 50 million roundmonths later Dismissal Dozens of employees are concerned about the company’s financial health. The company went public in March and raised approximately $ 775 million as part of its initial public offering.