Data Breach at New England’s Largest Energy Provider -
"A misconfiguration error has exposed personal data belonging to customers of New England's largest energy provider."
Why this is important: New England's largest provider of energy services, Eversource, announced an error with the security protocols on one of its cloud data storage folders, exposing the personal data of approximately 11,000 customers in eastern Massachusetts. The data exposed includes names, addresses (billing and service), phone numbers, and social security numbers. While the vulnerability was fixed upon discovery, the data was unsecured for more than a year and a half. Current information indicates there is no evidence the exposed information was accessed improperly by any third parties, but the exposure itself is a definite cause for concern, especially when it was exposed for so long before detection. This incident highlights the need for technological safeguards for stored data and regularly conducted checks and audits to ensure that policies are being properly implemented. Data privacy and cybersecurity need to work together to ensure the security of collected personal data.
Please see full publication below for more information.