Online printing giant Vistaprint left a customer database exposed, resulting in the access of information belonging to some of its USA, UK and Irish customers. It is estimated that up to 51,000 customer interaction information was held on the database. The information was mostly recordings calls to customer service or chats with an online support agent. Customer identifiers such as names and contact information were also exposed.
It’s a serious security lapse. Especially, in the fact that several GDPR rules were broken; the database was unencrypted, and there was no password to the database, meaning anybody could access. It’s not clear why the database was left vulnerable. The company, are launching an investigation into the breach and are notifying those affected. It’s not known of the Data Protection Commissioner has been notified of the breach.
If you are concerned that you could be affected by the breach, it is recommended that you change your Vistaprint password. And be looking out for a breach notification sent to you.