Servers running software sold by Salesforce are leaking sensitive data managed by government agencies, banks, and other organizations, according to a post published Friday by KrebsOnSecurity.
At least five separate sites run by the state of Vermont permitted access to sensitive data to anyone, Brian Krebs reported. The state’s Pandemic Unemployment Assistance program was among those affected. It exposed applicants’ full names, Social Security numbers, addresses, phone numbers, email addresses, and bank account numbers. Like the other organizations providing public access to private data, Vermont used Salesforce Community, a cloud-based software product designed to make it easy for
→ Continue reading at Ars Technica