Bad App Configuration Causes BrewDog Data Leak of 200k People

News and information from the Advent IM team.

The data of more than 200,000 of BrewDog’s ‘Equity for Punks’ shareholders and customers has been available on their app over the last 18 months

BrewDog’s security issue was supposedly caused by the tokens not being transmitted following a successful user authentication event. This gave users the ability to access any other user’s PII, shareholding and bar discount on the community platform.

Other details leaked through the flaw included dates of birth, email addresses, user gender, telephone numbers and home addresses.

Read via Digit

Share this Post