Initial reports suggest a basic security error allowed the attacker to access the company’s live customer database via an unauthenticated API.

from Dark Reading https://ift.tt/lhqvrBK
via IFTTT