Open Exchange Rates Data Breach Leaks Passwords and User Information
Open Exchange Rates, a public API, has sent a notification of data breach to its customers, announcing that hackers had access to their systems and data for a month.
According to the notification, provided by Sylvia van Os, a Linux and Open Source engineer/consultant, the company says the security breach occurred at one of their third-party IT providers and that it appears that a secure access key for their Amazon Web Services (AWS) infrastructure was compromised. "Using these compromised credentials, an unauthorized third party was able to gain access" to their network, including a database containing user data, says the company.