Millions of records containing sensitive, personally identifiable information, were sitting online in yet another unencrypted, non-password-protected database, experts have warned.
Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and was 12.2TB in total size. It belongs to a company called Passion.io, a Delaware-based no-code app-building platform that allows creators, influencers, entrepreneurs, and coaches, to create websites without having any prior coding knowledge. They can also create, and sell, interactive courses.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Citrix Data Breach – Iranian Hackers Stole 6TB of Sensitive Data
March 11, 2019
Popular enterprise software company Citrix that provides services to the U.S. military, the FBI, many U.S. corporations, and various U.S. government agencies disclosed last weekend a massive data breach of its internal network by “international cyber criminals.” Citrix said it was warned by the FBI on Wednesday of foreign hackers compromising its IT systems and stealing ...
- Email verification service takes itself offline after 800 million records get publicly exposed
March 8, 2019
An online email verification service has taken itself offline after approximately 809 million of its customers’ emails were exposed through an unprotected server. Researchers discovered a non-password protected MongoDB instance amounting to 150GB of data split across four separate collections last week. They analysed this exposed data, 808,593,939 records in total, and published their findings on Thursday. The exposed ...
- Whitefly: Espionage Group has Singapore in Its Sights
March 6, 2019
Group behind the SingHealth breach is also responsible for a string of other attacks in the region. In July 2018, an attack on Singapore’s largest public health organization, SingHealth, resulted in a reported 1.5 million patient records being stolen. Until now, nothing was known about who was responsible for this attack. Symantec researchers have discovered that ...
- How your stolen personal data is sent to the dark web, and what hackers can do with it
February 10, 2019
“It’s 6.5 billion now,” the cybersecurity specialist says, standing in his office in Kowloon, Hong Kong, overlooking a control room where glowing computer screens display the pulse being taken of nefarious web activity. One dial acts as an algorithm-generated odometer for internet threat levels, while a pulsing world map shows regions from which cyberattacks and ...
- Collections #2-5 unearthed with 2.2 billion unique records now exposed online
February 1, 2019
Researchers have established that more than 600GB of personal information is circulating online after finding a monster cache of four additional ‘Collection’ folders. The Collection #1 leak discovered earlier this month was considered one of the largest leakages of personal data in history, with more than 773 million unique email addresses, and 22 million passwords, found ...
- Airbus data breach impacts employees in Europe
January 30, 2019
European aerospace corporation Airbus disclosed today a security breach that impacted its commercial aircraft manufacturing business. The company said the security breach “resulted in unauthorised access to data.” According to a press release published earlier today, Airbus said that “some personal data was accessed,” but “mostly professional contact and IT identification details of some Airbus employees in Europe.” Read more… Source: ...