Encryption provider for Sony leaks data for over a year
A server at encryption services company ENC Security, which serves more than 12 million customers including Sony and Lexar, has been leaking data since 2021. An investigation by technology news site Cyber News into the Netherlands-based security provider has revealed a flaw in its software which has caused it to leak configuration and certificate files from May 27, 2021 to November 9, 2022. The data stored inside the vulnerable server included a range of information used to authenticate customers’ identities. These included HMAC message authentication codes, Simple Mail Transfer Protocol (SMTP) credentials, API keys used for licensing payment and email…