Millions of records containing sensitive, personally identifiable information, were sitting online in yet another unencrypted, non-password-protected database, experts have warned.
Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and was 12.2TB in total size. It belongs to a company called Passion.io, a Delaware-based no-code app-building platform that allows creators, influencers, entrepreneurs, and coaches, to create websites without having any prior coding knowledge. They can also create, and sell, interactive courses.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Third-party data breach in Singapore hits healthcare provider
October 26, 2021
Another third-party security breach has been reported in Singapore, this time, affecting patients of Fullerton Health and compromising personal data that included bank account details in “a few cases”. The affected vendor Agape Connecting People, which platform facilitates appointment booking, first detected the breach on October 19 and appeared to affect only Fullerton Health. The healthcare ...
- Hacker sells the data for millions of Moscow drivers for $800
October 23, 2021
Hackers are selling a stolen database containing 50 million records of Moscow driver data on an underground forum for only $800. According to Russian media outlets that purchased the database, the data appears to be valid and contains records collected between 2006 and 2019 Russian news publisher Kommersant called a small sample of the exposed individuals and ...
- BrewDog exposed data for over 200,000 shareholders and customers
October 8, 2021
BrewDog, the Scottish brewery and pub chain famous for its crowd-ownership model and the tasty IPAs, has irreversibly exposed the details of 200,000 of its shareholders and customers. The exposure lasted for over 18 months and the point of the leak was the firm’s mobile app, which gives the ‘Equity Punks’ community access to information, discounts ...
- Twitch source code, business data, gamer payouts leaked in massive hack
October 6, 2021
An unknown hacker has leaked the entirety of Twitch’s source code among a 128 GB trove of data released this week. The hack, first reported by Video Games Chronicle and confirmed by multiple sources, includes: The entirety of twitch.tv, with commit history going back to its early beginnings Mobile, desktop and console Twitch clients Creator payout reports from 2019 Proprietary ...
- 3.1M Neiman Marcus Customer Card Details Breached
October 1, 2021
Dallas-based Neiman Marcus Group is known worldwide as the go-to luxury retailer for the well-heeled. But their reputation for impeccable quality just took a big hit with revelations that the company was breached by an attacker back in May 2020. It took 17 months for the retailer to notice. Just this week, Neiman Marcus acknowledged the compromise, ...
- Epik Confirms Hack, Gigabytes of Data on Offer
September 21, 2021
Epik, the domain registrar known for hosting several large right-wing organizations, has confirmed a hack of its systems, a week after attackers branding themselves with the Anonymous hacktivist collective label said that the group had obtained and leaked gigabits of data from the hosting company, including 15 million email addresses. “On September 15, we confirmed that ...