Millions of records containing sensitive, personally identifiable information, were sitting online in yet another unencrypted, non-password-protected database, experts have warned.
Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and was 12.2TB in total size. It belongs to a company called Passion.io, a Delaware-based no-code app-building platform that allows creators, influencers, entrepreneurs, and coaches, to create websites without having any prior coding knowledge. They can also create, and sell, interactive courses.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Over two million users hit by top US pharmacy provider data breach
November 15, 2023
Truepill, formerly known as Postmeds, suffered a data breach that resulted in sensitive data on more than 2.3 million patients being stolen. The US Department of Health and Human Services Office for Civil Rights breach portal listed Truepill (or rather Postmeds) as being under investigation for a data breach that affected a total of 2,364,359 people. Read ...
- Bitcoin ATM operator Coin Cloud suffers severe data breach
November 13, 2023
Coin Cloud, a prominent Bitcoin ATM operator, has fallen victim to a significant security breach in a recent development that has shaken the cryptocurrency world. Hackers, whose identities remain unknown, have reportedly seized control of Coin Cloud’s backend system source code and accessed sensitive customer data, including 70,000 client selfies and personal details of around 300,000 ...
- Data breach of Michigan healthcare giant exposes millions of records
November 13, 2023
Michigan-based healthcare nonprofit McLaren Health Care notified more than 2 million people about a data breach exposing personal information on Thursday, according to a data breach notification report. Unauthorized access to McLaren systems began on July 28 and lasted through August, but the individual impact varies from person to person. According to a notice on ...
- Boeing confirms ransomware attack as stolen data released by cybercrime gang Lockbit
November 11, 2023
Stolen data from American aircraft manufacturer Boeing has been released online by the cybercrime gang, Lockbit, according to the group’s website. Boeing confirmed a cybersecurity incident involving elements of its parts and distribution business. “We are aware that, in connection with this incident, a criminal ransomware actor has released information it alleges to have taken from ...
- Maine government says data breach affects 1.3 million people
November 10, 2023
The government of Maine has confirmed over a million individuals had personal information stolen in a data breach earlier this year by a Russia-linked ransomware gang. In a statement published Thursday, the Maine government said hackers exploited a vulnerability in its MOVEit file-transfer system, which stored sensitive data on state residents. The hackers used the vulnerability ...
- Optus loses court bid to keep report into cause of cyber-attack secret
November 10, 2023
Optus has lost a bid in the federal court to keep secret a report on the cause of the 2022 cyber-attack – which resulted in the personal information of about 10 million customers being exposed – after a judge rejected the telco’s legal privilege claim. After the hack, the company announced in October last year that ...