What happened
In March 2025 researchers reported that hardware retailer Sydney Tools had left a database misconfigured and publicly accessible, exposing around 34 million customer and order records [cybernews-st]. This was an exposure through misconfiguration rather than a hack. The number of distinct individuals affected was not officially confirmed and is not estimated here.
Timeline
- 2025-03 β Misconfigured database found publicly exposing ~34M records [cybernews-st].
Current status
Reported; access reportedly closed after disclosure. Figures reflect the researcher findings. [cybernews-st]
Why it matters
A textbook cloud-misconfiguration exposure β a reminder that breaches donβt always require an attacker, just a setting left open.