Mexican VAT refund site MoneyBack exposed sensitive customer information online as a result of a misconfigured database. From a report: A CouchDB database featuring half a million customers’ passport details, credit card numbers, travel tickets and more was left publicly accessible, security firm Kromtech reports. More than 400GB of sensitive information could be either downloaded or viewed because of a lack of access controls before the system was recently secured.

Read more of this story at Slashdot.

Source: Slashdot – Mexican Tax Refund Site Left 400GB of Sensitive Customer Info Wide Open