DigitalOcean, one of the world’s leading cloud infrastructure providers, announced that the company was subject to a data breach and customer payment information was leaked.
American cloud infrastructure provider DigitalOcean sent a warning to customers that their payment data was leaked. The company said anonymous individuals “had access to some billing information” between April 9-22.
The hackers learned the names and addresses of customers to be billed, as well as the last four digits of the payment cards, their expiration dates, and the name of the card issuing bank. DigitalOcean claims that the attackers were unable to leak user passwords.
Authorities have been notified
It was stated that the attack occurred due to a vulnerability that the provider had already eliminated and was reported to data protection authorities. DigitalOcean has now taken additional security measures.
DigitalOcean security chief Tyler Healy said the attack affected 1% of payment profiles. However, he refused to answer questions about how the vulnerability was discovered and which authorities knew about it.
A company that now has customers in Europe can face fines of up to 4% of its annual revenue under the GDPR. DigitalOcean went public this March and raised nearly $ 775 million in its initial public offering.