Myiconshirts.com

In early 2019 the online apparel retailer Myiconshirts.com suffered a significant security incident where an unprotected database was discovered online. The breach exposed a large volume of sensitive customer information stored in an ElasticSearch cluster that was left open without any password protection. The exposed data included personal details of customers such as names and shipping addresses along with order history and technical logs. Security researchers identified the exposure which allowed anyone with the correct IP address to access the internal records of the company. The incident highlights the risks associated with misconfigured cloud storage and database services in the ecommerce sector.