US Cargo Tech Company Exposed Shipping Systems and Customer Data Online
A US shipping tech firm left its systems open online, allowing access to sensitive customer data and vulnerabilities that could be exploited.
New York: A US tech company named Bluspark Global forgot to fix its security issues. This mistake left its shipping information and customer data open on the internet. Many big companies use its shipping platform called Bluvoyix to send products around the world. Bluspark helps many stores and makers but wasn’t well-known.
After some security weaknesses were found, Bluspark said it fixed five main problems. One was that employees and customers used simple passwords that anyone could see. Another was that hackers could reach the shipping software easily. This meant anyone could get to customer data going back many years.
A security researcher named Eaton Zveare found these issues last October. He tried to tell Bluspark about the problems, but it took a long time to get a response. He even needed help from a media company called TechCrunch to notify Bluspark. Finally, when TechCrunch included a part of the CEO’s password, the company replied. They later said they fixed most problems and were checking with a third party for safety.
Despite the fixes, Bluspark didn’t say if any customer shipments were changed because of the issues. They also mentioned plans for a program to help outside researchers report problems in the future.