We Leaked PII in Staging: Here's the Automated Data Masking Pipeline That Saved Us

https://hackernoon.imgix.net/images/hnDrcNS3vSYYAneclDfYGA4In0Q2-az83a28.png

I was in the middle of writing a Cypress test when the Slack message from our Compliance Officer popped up.

"Why am I seeing real customer email addresses in the staging environment user table?"

It was 2:14 PM on a Thursday. I dropped what I was doing, queried the staging Postgres database, and felt my stomach drop. There were 400,000 rows in the users table. Every single one had a real name, a real email address, and a real phone number.

This environment was accessible to our internal engineering team, plus about 80 external contractors building frontend features. It had been sitting there, fully exposed, for 36 hours.

The root cause was depressingly simple. For two years, our process for getting realistic test data into staging involved a DBA taking a production snapshot, running a massive SQL UPDATE script to scramble the PII, and then restoring it to staging. The...

Copyright of this story solely belongs to hackernoon.com. To see the full text click HERE

Read more