B&Q leaks data on shoplifting suspects

EASTLEIGH, U.K. — B&Q has taken information on shoplifting suspects offline after a security researcher alerted the DIY chain that the data could be accessed without a password. Lee Johnstone, CEO of Ctrlbox Information Security, blogged last week that more than 70,000 logs detailing names of suspects and product information were exposed on an open-source search-engine server. A B&Q spokesperson questioned that number and claimed the blog contained other inaccuracies but did not specify further. “We have closed the issue down and are continuing to investigate how it occurred,” she told the BBC.

https://hardlines.ca/wp-content/themes/hardlines-responsive