Turgensec, the London based information security firm had quite a 2020. They disclosed data breaches at Virgin Media, 193 law firms (including some magic circle ones), and many more…
They had been suspiciously silent in 2021. Perhaps the state of information security has improved?
On the 2nd of April TurgenSec broke their silence and announced that they had disclosed another data breach. Procore is a construction management software company that recently raised at a $5 billion valuation after postponing their IPO.
According to the TurgenSec Responsible Disclosure Notice: “This breach was accessed and downloaded by at least one unknown third party.“
Who has this data?
The disclosure states that over 270,000 emails were contained within the data breach.
This breach follows in a long trend of companies failing to uphold basic ongoing due diligence and leaving their data open on the internet to be accessed by anyone with a browser and internet connection.
The breach disclosure states: “The information was left public facing where anyone with a browser and internet connection could access if they knew where to look.”
Breached Data Headings:
Read Turgensec’s full disclosure: