- A fax machine vendor from the US was included in last month’s humongous Cit0day leak.
- There are 560,000 records in the database containing email addresses and passwords in plain-text form.
- The company has not responded to the notifications and has failed to inform its customers of the compromise.
The New Jersey-based fax machine reseller ‘Fax Express’ has leaked the email addresses and passwords of about 560,000 of its customers. The event happened through a database leak included in the “Cit0day.in” packs that saw the light last month. Unfortunately, everything in the database was unencrypted, so the passwords are in plain text form.
‘Fax Express’ never realized the breach or simply chose not to disclose it when it happened. Additionally, the firm failed to respond to the researchers of CyberNews, who attempted to contact them on November 16, 2020, to inform them about the involved risks. Maybe they should have tried sending them a fax. read more here