API testing firm APIsec confirmed a significant security lapse, exposing an internal database containing sensitive customer data online for days without a password. The database, discovered by UpGuard, included names, email addresses, and security posture details of APIsec’s corporate customers, dating back to 2018. APIsec founder Faizel Lakhani initially downplayed the issue, claiming the database held 'test data,' but later acknowledged real customer information was leaked. The company has since notified affected customers and is investigating the breach, which was attributed to human error.