Cybersecurity researcher Jeremiah Fowler discovered a massive data leak exposing millions of records belonging to ClickBalance, Mexico’s leading Enterprise Resource Planning (ERP) technology provider.
The publicly exposed database contained potentially sensitive information such as access tokens, API keys, secret keys, bank account numbers, tax identification numbers, and 381,224 email addresses. As a whole, the database contained 769,333,246 records with a total size of 395 GB.
The database contained API keys and secret keys in what appeared to be plain text. These keys can grant access to critical systems and potentially sensitive data. Hypothetically, cyber criminals could exploit exposed credentials to gain unauthorized access to applications, databases, and other services.
ClickBalance has not yet publicly commented on the data breach. However, given the severity of the incident, it is crucial for them to take immediate action to investigate the cause of the breach, secure their systems, and notify affected customers.
