An error by Dow Jones & Co. in configuring a cloud-computing service left addresses and other information about subscribers to some of its products, including The Wall Street Journal, exposed to possible unauthorized access, reports Robert McMillan of The Journal.
McMillan writes, “About 2.2 million subscribers’ records were affected, a Dow Jones spokesman said. Some of the records included customer names, usernames, email and physical addresses, and the last 4 digits of credit-card numbers, although some records were missing parts of that information, the spokesman said.
“The exposed data was discovered by UpGuard Inc., a cybersecurity firm, which said they notified Dow Jones of the leak on June 5.
“‘We immediately remedied the situation and have no reason to believe that any data was taken,’ said the Dow Jones spokesman, who said the exposed data didn’t include passwords. He declined to say whether the company planned to notify affected customers. The data ‘did not include full credit-card or account-login information that could pose a significant risk for consumers or require notification,’ he said.”
Read more here.