Millions of records containing sensitive, personally identifiable information, were sitting online in yet another unencrypted, non-password-protected database, experts have warned.
Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and was 12.2TB in total size. It belongs to a company called Passion.io, a Delaware-based no-code app-building platform that allows creators, influencers, entrepreneurs, and coaches, to create websites without having any prior coding knowledge. They can also create, and sell, interactive courses.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Rising healthcare breaches driven by hacking and unsecured servers
February 17, 2021
2020 was a bad year for healthcare organizations in the U.S., which had to deal with a record-high number of cybersecurity incidents on the backdrop of the COVID-19 pandemic. Hacking and IT incidents affected the industry to a larger extent last year, accounting for more than 67% of all breaches and exposed the personal data of ...
- Singtel, QIMR Berghofer report Accellion-related data breaches
February 11, 2021
Singtel and the QIMR Berghofer Medical Research Institute are the latest companies to disclose data breaches caused by a vulnerability in the Accellion FTA secure file transfer software. Accellion is a developer of secure file transfer products that allow organizations to transfer sensitive files with people outside of their organization. In mid-December, Accellion announced that they became ...
- Hackers steal StormShield firewall source code in data breach
February 4, 2021
Leading French cybersecurity company StormShield disclosed that their systems were hacked, allowing a threat actor to access the company’s support ticket system and steal source code for Stormshield Network Security firewall software. StormShield is a French cybersecurity firm that develops UTM (Unified Threat Management) firewall devices, endpoint protection solutions, and secure file management solutions. StormShield’s SNi40 is ...
- Hacker leaks data of 2.28 million dating site users
January 24, 2021
A well-known hacker has leaked this week the details of more than 2.28 million users registered on MeetMindful.com, a dating website founded in 2014, ZDNet has learned this week from a security researcher. The dating site’s data has been shared as a free download on a publicly accessible hacking forum known for its trade in hacked ...
- SonicWall firewall maker hacked using zero-day in its VPN device
January 23, 2021
Security hardware manufacturer SonicWall has issued an urgent security notice about threat actors exploiting a zero-day vulnerability in their VPN products to perform attacks on their internal systems. SonicWall is a well-known manufacturer of hardware firewall devices, VPN gateways, and network security solutions whose products are commonly used in SMB/SME and large enterprise organizations. On Friday night, ...
- Hacker leaks full database of 77 million Nitro PDF user records
January 20, 2021
A stolen database containing the email addresses, names, and passwords of more than 77 million records of Nitro PDF service users was leaked today for free. The 14GB leaked database contains 77,159,696 records with users’ email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses, and other system-related information. The massive Nitro PDF data breach ...