Large Energy Supplier Suffers Data Breach Caused by Unsecured Cloud Storage

A large energy supplier in New England, Eversource, has reported it suffered a data breach due to customers’ personal information, including names, social security numbers, and more, being left exposed on an unsecured cloud server. The company discovered the breach during a security review in mid-March, when it found a cloud data storage folder that was misconfigured so that anyone could access its contents. Eversource immediately secured the folder and has stated that there is no indication that any of the data was acquired or misused by unauthorized people. While this may be true, Eversource’s customers are being advised to monitor for cases of identity theft. To assist, Eversource is offering a free 1-year identity monitoring service. Customers are also encouraged to be on the lookout for possible phishing emails pretending to be from Eversource, or other companies, that utilize the exposed data to harvest further information. Read more at Bleeping Computer.