Information exposed by the misconfigured ClickBalance database included API keys, access tokens, secret keys, tax identification numbers, and bank account numbers, as well as more than 381,000 email addresses, a report by cybersecurity researcher Jeremy Fowler published on WebsitePlanet showed. No additional information regarding potential unauthorized access to the database, which was secured by ClickBalance within hours of Fowler’s disclosure, was provided but the exposed data was noted by Fowler to possibly result in long-term security risks to impacted organizations and individuals.
Source: SC Magazine