A Wegmans Data Breach: Database Misconfiguration


Grocery chain Wegmans recently suffered a data breach exposing customer names, passwords, addresses, and dates of birth. The culprit? Two cloud databases left open to outside access. The breach — described by Wegmans as a “previously undiscovered configuration issue” — isn’t the company’s first security incident this year. In April, a suspected credential stuffing attack potentially compromised customer accounts.

On or around April 19, 2021, a third-party security researcher notified Wegmans about a potential data breach. The researcher discovered the problem: two cloud databases, meant to be kept private to Wegmans, were open to public access.

The customer information in these databases includes:

  • Names
  • Addresses
  • Email addresses
  • Phone numbers
  • Wegmans.com account names
  • Shopper Club numbers
  • (Salted) passwords

Wegmans says the breach didn’t expose Social Security numbers (the company didn’t collect these) or financial information. 

“We recently became aware that, due to a previously undiscovered configuration issue, two of our cloud databases, which are used for business purposes and are meant to be kept internal to Wegmans, were inadvertently left open to potential outside access,” said Wegmans in a press release. The company has now corrected the issue.

There’s no evidence that hackers used any sophisticated tactics to access customer data. Wegmans accidentally left its databases open as it pushed data to the cloud, an increasingly common error as enterprises grow in the public cloud. 

Data breaches and other security errors are often cases of misconfiguration that go undetected. Many enterprises lack visibility into their cloud resources, which puts them at risk of drift, theft, or unwanted access. Or, in cases of ‘too many cooks,’ different teams with different levels of security knowledge preside over an organization’s cloud, resulting in crossed wires and costly mistakes.

Teams should follow cloud security best practices to prevent an incident like the one that happened at Wegmans. Sonrai Security offers security checklists that prevent common cloud management mistakes like misconfiguration. Teams can use these checklists as a starting point — think Cloud Security 1.0 — and learn how to safeguard their organization’s most valuable asset: Customer data.

Sonrai has two cloud security checklists:

  1. AWS Security Checklist
  2. Microsoft Azure Cloud Security Checklist

Enterprises should use these resources to prevent a data breach like Wegmans’. 

Enterprises move data to the cloud for two good reasons: It’s safer and more scalable than on-premises ‘solutions.’ However, modern cloud environments bring additional security and configuration challenges that put organizations like Wegmans at risk. 

Data breaches like those at Wegmans are often the result of complex cloud infrastructures that require continuous identity and data security. However, many enterprises lack the skill set to manage their cloud infrastructure, which increases misconfiguration errors. Sonrai Dig improves security and compliance, reduces misconfiguration errors, and safeguards customer data.