• Security bug at compliance firm Vanta exposed customer data to ot

    From TechnologyDaily@1337:1/100 to All on Tuesday, June 03, 2025 10:00:09
    Security bug at compliance firm Vanta exposed customer data to other users

    Date:
    Tue, 03 Jun 2025 08:55:51 +0000

    Description:
    The company is already addressing the bug, which affected a small subset of its users.

    FULL STORY
    ======================================================================
    Vanta admits it introduced a bug in its code
    The bug resulted in a small subset of customers having data exposed
    The error is being fixed, and affected customers notified

    Security and compliance automation company Vanta has confirmed sharing sensitive customer data with other customers by mistake.

    In a statement (via TechCrunch), the company said a change it had made in the code resulted in a security breach. In it, some sensitive data from a small subset of customers was shared with other customers.

    The incident was spotted on May 26, and remediation efforts are currently underway, with the process set to finish by June 4.

    Hundreds of victims

    "As a result of the incident, a subset of data from fewer than 20% of our third-party integrations was exposed to other Vanta customers," the company's chief product officer Jeremy Epling said.

    He added that fewer than 4% of Vanta customers have been affected, and they have already been notified.

    Since the company has more than 10,000 customers, that would put the breach at up to 400 customers. At the same time, the data breach notification letter Vanta sent out says that the data typically includes employee names, roles, and information about different tools, such as 2FA. The company did not confirm exactly what type of data was grabbed.

    Vanta is a security and compliance automation platform that helps businesses achieve and maintain certifications like SOC 2, ISO 27001, HIPAA, and GDPR more efficiently through continuous monitoring and integrations.

    Among its customers are Atlassian, Omni Hotels, Quora, and ZoomInfo.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/security-bug-at-compliance-firm-vanta-exposed-customer-data-to-other-users


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)