Shell Investigates Exposed Database Revealing Personal Data of Electric Vehicle Charging Station Users
Oil giant Shell has launched an investigation following a security researcher’s discovery of an exposed internal database leaking the personal information of drivers who utilize the company’s electric vehicle charging stations.
Hosted on Amazon Web Services, the database contained the names, addresses, email addresses, phone numbers, and vehicle registration numbers of over 100,000 drivers. Moreover, it revealed each driver’s charging history, including the dates and times they charged their vehicles, the amount of energy consumed, and the cost of each charging session.
The security researcher, known as “Under the Breach,” stumbled upon the database while searching for publicly accessible AWS databases. They notified Shell of the security lapse on May 25, but the database remained unsecured until June 8.
Shell expressed deep disappointment regarding the security lapse and is currently notifying affected drivers. The company is also conducting an internal investigation to determine how the data was exposed.
This security lapse serves as a vital reminder of the significance of data security. Companies collecting personal information from customers must take measures to safeguard that information against unauthorized access.
Tips for businesses to protect customer data:
- Implement strong passwords and two-factor authentication.
- Keep software up to date.
- Monitor networks for unauthorized activity.
- Educate employees about data security.
- Regularly back up your data.
Implementing these tips can significantly assist businesses in safeguarding customer data from unauthorized access.