Millions of records containing sensitive, personally identifiable information, were sitting online in yet another unencrypted, non-password-protected database, experts have warned.
Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and was 12.2TB in total size. It belongs to a company called Passion.io, a Delaware-based no-code app-building platform that allows creators, influencers, entrepreneurs, and coaches, to create websites without having any prior coding knowledge. They can also create, and sell, interactive courses.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- One of the largest T-Mobile authorized retailers had 90GB of info leaked, including customer data
September 23, 2023
T-Mobile is often in the news for the wrong reasons. Yesterday, a glitch in the company’s system showed personal customer information to the wrong account holders. And now, there is fear that freshly leaked data that is available online could help bad actors gain access to sensitive information. In T-Mobile’s defense, the carrier cannot be blamed ...
- Air Canada releases statement after brief cyber attack
September 22, 2023
Air Canada appears to have been the victim of a cyber attack after the company released a statement regarding the incident on September 21st. According to the statement, an authorized group gained what the company describes as “limited” access to an internal Air Canada system. The system was related to the personal information of both staff ...
- Australia: Pizza Hut says customer data breached in cyber hack
September 20, 2023
The personal details of pizza lovers across Australia have been compromised in a cyber attack on Pizza Hut. The popular fast-food chain, with 251 restaurants across the country, revealed it had been hacked in an email to customers on Wednesday. “In early September, we became aware of a cyber security incident where an unauthorised third party ...
- Microsoft AI researchers accidentally exposed terabytes of internal sensitive data
September 18, 2023
Microsoft AI researchers accidentally exposed tens of terabytes of sensitive data, including private keys and passwords, while publishing a storage bucket of open source training data on GitHub. In research shared with TechCrunch, cloud security startup Wiz said it discovered a GitHub repository belonging to Microsoft’s AI research division as part of its ongoing work ...
- UK: Greater Manchester Police officers’ details hacked in cyber attack
September 14, 2023
Police officers’ personal details have been hacked after a company was targeted in a cyber attack. The firm in Stockport, which makes ID cards, holds information on various UK organisations including some of the staff employed by Greater Manchester Police (GMP). The force confirmed it was aware of the ransomware attack. The hack means thousands of ...
- Russia linked hackers hit UK Ministry of Defence as security secrets leaked
September 2, 2023
Top secret security information on British military and intelligence sites has been leaked online by hackers linked to Russia. They released thousands of pages of data which could help criminals get into the HMNB Clyde nuclear submarine base, the Porton Down chemical weapon lab and a GCHQ listening post. Information about high-security prisons and a military ...