The Organization used a third party software called “Precise Pet Care” to store and archive Services Agreements and client information associated with the provision of a variety of pet care services (pet sitting, pet boarding, dog walking, etc.). After a client’s account is created, the primary documentation and signatures are stored in pdf files within each client’s account for reference and recordkeeping. On July 14, 2020, a security researcher discovered a vulnerability within the system that potentially allowed unauthorized access to the list of files the files themselves. The Organization?s service provider advised that the vulnerability was remedied the same day, and a second fix was implemented on July 22, 2020. The service provider also confirmed that none of the vulnerable files were accessed by anyone other than the security researcher who initially discovered the vulnerability. The Organization was made aware of the vulnerability incident on August 8, 2020.
P2021-ND-153
File Type:
pdf
File Size:
614 KB
Categories:
2021