A database with 3,587,960 records was exposed, with no password protection or encryption. The information in the files suggested that it belonged to SABO, an Australian-based fashion company (although it is unknown if the company manages the database directly). 

Files date back as far as 2015. Exposed information includes: 

• Names 
• Phone numbers
• Physical addresses
• Email addresses

The company sells at physical locations, but also provides shopping services on its online store. With retail organizations being increasingly targeted by malicious actors like Scattered Spider, protecting the personally identifiable information (PII) of customers requires a greater level of security. 

At this time, the database has been restricted. It is unknown how long it was exposed, or if any malicious actors gained access.