Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense

Encryption provider for Sony leaks data for over a year

A vulnerability in encryption platform ENC Security has exposed data for over a year

Add bookmark
Olivia Powell
Olivia Powell
11/30/2022
Encryption provider for Sony leaks data for over a year

A server at encryption services company ENC Security, which serves more than 12 million customers including Sony and Lexar, has been leaking data since 2021.

An investigation by technology news site Cyber News into the Netherlands-based security provider has revealed a flaw in its software which has caused it to leak configuration and certificate files from May 27, 2021 to November 9, 2022.

The data stored inside the vulnerable server included a range of information used to authenticate customers’ identities. These included HMAC message authentication codes, Simple Mail Transfer Protocol (SMTP) credentials, API keys used for licensing payment and email marketing via Mailchimp, access keys for payment platform Adyen and public and private keys stored in.pem format.  

If accessed by unauthorized parties, this data could be exploited by malicious parties for a range of threat vectors, including phishing and ransomware. It could also be used to expose confidential customer information.

An ENC Security spokesperson said to Cyber News that the company “take[s] the security and protection of [its] data seriously” and that findings like the vulnerability are “researched and remediated with appropriate measures [taken]”.

The vulnerability, which according to ENC Security was due to configuration issues with a third-party supplier, was resolved soon after the company was alerted to it. 

Tags: ENC Security vulnerability server data leak authentication software API key Mailchimp third-party risk software vulnerability Sony Lexar

Upcoming Events

16th Automotive Cybersecurity Summit 2026

March 18 - 19, 2026

Sheraton Ann Arbor Hotel, Ann Arbor, Michigan

Register Now View Agenda View Event
16th Automotive Cybersecurity Summit 2026

Digital Identity Week

1st - 2nd September 2026

Sydney, Australia

Register Now View Agenda View Event
Digital Identity Week

Latest Webinars

From Dependencies to Defences: Navigating Software Supply Chain Security

2025-09-24

11:00 AM - 12:00 PM SGT

Learn how to defend your software supply chain from dependency threats and build resilient security...

From Dependencies to Defences: Navigating Software Supply Chain Security

Unpacking global regulatory frameworks to enhance third-party operational resilience

2024-11-14

11:00 AM - 12:00 PM EST

Join this webinar to explore the resilience-focused requirements of DORA, NIS2 and other global regu...

Unpacking global regulatory frameworks to enhance third-party operational resilience

Preventing financial and reputational risk with process intelligence

2024-05-23

11:00 AM - 12:00 PM EDT

Learn how to manage risk stemming from poorly controlled processes in a collaborative way

Preventing financial and reputational risk with process intelligence

Recommended

info@cshub.com/r/n

We hope you enjoy All Access from CS Hub!!<\/p>\r\n<p>Best Regards,<\/p>\r\n<p><a href=https://www.cshub.com/"https:////www.cshub.com///" target=\"_blank\">CS Hub Team<\/a><\/p>\r\n<p>P.S. Be sure to check out our other upcoming <a href=https://www.cshub.com/"https:////www.cshub.com//events?filter_format=ONLINE\%22 target=\"_blank\">All Access events here<\/a>.<\/p>\r\n<p>--------------------------------<\/p>\r\nConnect with us on Social Media: <a href=https://www.cshub.com/"https:////www.linkedin.com//groups//12067996///" target=\"_blank\">LinkedIn<\/a> | <a href=https://www.cshub.com/"https:////twitter.com//CSHubUSA/" target=\"_blank\">Twitter<\/a><\/p>\r\n<p>--------------------------------<\/p>\r\n<p>FAQS<\/p>\r\n<p><b>Can I invite my colleagues?<\/b><br>Yes of course! Please send them this link so they can register for free! [WebUrl]<\/p>\r\n\r\n<p><b>How do I access the sessions?<\/b><br>\r\nAll Access is run on Zoom Events. You should receive an email shortly from Zoom Events with your unique All Access link to the event lobby. Please hold on to that email ahead of the event. We\u2019ll also send you a reminder 24 hours before we go live!<\/p>\r\n\r\n<p><b>Will the agenda be updated?<\/b><br>\r\nYes, the agenda will be continuously updated on the website with the latest sessions & speakers. As we get closer to the event, also look out for our weekly updates which will also include the latest updates information and link to access the event.<\/p>\r\n<p><b>Can I access the sessions On Demand?<\/b><br>\r\nEvery session will be available after the event via the event lobby. We\u2019ll also send you a reminder about the On Demand sessions which will be sent to you after the event is over.<\/p>\r\n<p>--------------------------------<\/p>\r\n<p>RELATED RESOURCES TO READ BEFORE YOUR EVENT<\/p>\r\n<ul>\r\n <li><a href=https://www.cshub.com/"https:////www.cshub.com//executive-decisions//reports//cs-hub-mid-year-market-report-2022?utm_source=eco-event-confirmation-email&utm_medium=email&utm_campaign=eco-event-confirmation-email\%22 target=\"_blank\">CS Hub Mid-Year Market Report 2022<\/a><\/li>\r\n <li><a href=https://www.cshub.com/"https:////www.cshub.com//security-strategy//reports//ciso-strategies-for-proactive-threat-prevention?utm_source=eco-event-confirmation-email&utm_medium=email&utm_campaign=eco-event-confirmation-email\%22 target=\"_blank\">CISO strategies for proactive threat prevention<\/a><\/li>\r\n <li><a href=https://www.cshub.com/"https:////www.cshub.com//security-strategy//reports//how-to-strengthen-email-security-and-protection-against-advanced-ransomware-attacks?utm_source=eco-event-confirmation-email&utm_medium=email&utm_campaign=eco-event-confirmation-email\%22 target=\"_blank\">How to strengthen email security and protection against advanced ransomware attacks<\/a><\/li>\r\n<\/ul>","event_registration_srs_confirmation_email":null,"assets_from_cdn":true},"bant_disabled":1,"sponsorship_disclaimer":null,"sponsorship_disclaimer_text":null,"sponsorship_disclaimer_checkbox_disabled":0,"ext_treat_id":null,"recording_url":null,"file_attachment":null,"ingo_enabled":null,"ingo_activator_id":null,"ingo_autofiller_id":null,"ingo_amplifier_id":null,"ingo_authorizer_id":null,"restricted_content":0,"featured_events_embedded":[],"featured_content_embedded":[{"id":"62ebc12a3876be684671f31c","name":"GitHub supply chain attack could affect 83 million developers","description":"Code repository GitHub has been hit by a significant software supply chain attack","file":null,"url":"\/attacks\/news\/github-supply-chain-attack-could-affect-83-million-developers"},{"id":"6347f5925643b96c105f99e6","name":"IOTW: Toyota admits to data breach after access key is posted on GitHub","description":"The data of over 296,000 users may have been accessed in the breach","file":null,"url":"\/data\/news\/iotw-toyota-admits-to-data-breach-after-access-key-is-posted-on-github"},{"id":"6078615bd1d92e70163d1404","name":"IOTW: Facebook Data Leak Impacts 533 Million Users","description":null,"file":null,"url":"\/attacks\/articles\/iotw-facebook-data-leak-impacts-533-million-users"},{"id":"63468b1ac6425d52415dd33a","name":"Over 1.2 million credit card numbers leaked on hacking forum","description":"Dark web carding site BidenCash released the details as part of a site promotion","file":null,"url":"\/attacks\/news\/over-12-million-credit-card-numbers-leaked-on-hacking-forum"}],"featured_content_portal_embedded":null}" >

FIND CONTENT BY TYPE

News Case Studies Interviews White Papers Videos

Cyber Security Hub COMMUNITY

About Us Power10 Contact Us Advertise with us Cookie Policy User Agreement Become a Contributor All Access from CS Hub Become a Member Today Media Partners

ADVERTISE WITH US

Advertise Now

JOIN THE Cyber Security Hub COMMUNITY

Join CSHUB today and interact with a vibrant network of professionals, keeping up to date with the industry by accessing our wealth of articles, videos, live conferences and more.

Cyber Security Hub, a division of IQPC

© 2026 All rights reserved. Use of this site constitutes acceptance of our User Agreement, Privacy Policy and Cookies Settings.

Careers With IQPC | Contact Us | About Us | Cookie Policy