• by Ray Schultz , December 4, 2019

Smoker data has been exposed in the breach of a Romanian web platform owned by British American Tobacco (BAT).

Also on view are full name, email, phone number, date of birth, gender and source IP, according to a report by vpnMentor. 

The server, which contains this personally identifiable information (PII), has been compromised by ransomware.

The web platform is tied to a BAT Romania promotional campaign targeting adult smokers, vpnMentor discovered.

Romanian law forbids tobacco advertising, but allows some promotional efforts targeting smokers over age 18.

The vpnMentor team, led by internet privacy researchers, found the data breach on "an unsecured server connected to the web platform YOUniverse.ro,” the company writes. It adds that Romanian residents use the platform to win tickets to parties and events featuring well-known performers.

vpnMentor tried to contact the server’s hosting company, Romania’s National Authority for Consumer Protection, and the certification authority. The latter was the only entity to respond.

The database was closed on November 27.

The leaked database, involving almost 352 GB of data, was found on an unsecured Elasticsearch server located in Ireland, according to vpnMentor.

The server contains logs for the previous seven days, some containing more than 60 million entries, it says. Some entries may contain duplicate data. 

Based in the UK, BAT is one of the world’s largest manufacturers of tobacco and nicotine products, vpnMentor says.