Millions of records containing sensitive, personally identifiable information, were sitting online in yet another unencrypted, non-password-protected database, experts have warned.
Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and was 12.2TB in total size. It belongs to a company called Passion.io, a Delaware-based no-code app-building platform that allows creators, influencers, entrepreneurs, and coaches, to create websites without having any prior coding knowledge. They can also create, and sell, interactive courses.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Uber fined $1.1 million by UK and Dutch regulators over 2016 data breach
November 29, 2018
British and Dutch data protection regulators Tuesday hit the ride-sharing company Uber with a total fine of $1,170,892 (~ 1.1 million) for failing to protect its customers’ personal information during a 2016 cyber attack involving millions of users. Late last year, Uber unveiled that the company had suffered a massive data breach in October 2016, exposing names, email ...
- Dell announces security breach
November 28, 2018
US-based hardware giant Dell announced today a security breach that took place earlier this month, on November 9. Dell says it detected an unauthorized intruder (or intruders) “attempting to extract Dell.com customer information” from its systems, such as customer names, email addresses, and hashed passwords. The company didn’t go into details about the complexity of the ...
- 500K Italian Public Administration Email Accounts Compromised By Targeted Attack
November 21, 2018
500,000 certified Italian public administration emails were compromised by hackers who specifically targeted the Italian Comitato Interministeriale per la Sicurezza della Repubblica (CISR) as reported by Difesa e Sicurezza. Although CISR was the primary target, the hackers also compromised certified emails related to other Italian public administration agencies according to Roberto Baldoni, the Deputy Director of the ...
- Amazon suffers data breach days before Black Friday
November 21, 2018
Amazon has suffered a data breach just days before Black Friday – and the company was tight-lipped about whether it had notified the British data protection authorities. Multiple Register readers forwarded us emails sent from Amazon’s UK tentacle informing them that the online sales site had “inadvertently disclosed name and email address due to a technical error”. The ...
- USPS Site Exposed Data on 60 Million Users
November 21, 2018
U.S. Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf. KrebsOnSecurity was contacted last week by a researcher who discovered the problem, but who asked to remain anonymous. The researcher said ...
- True Identity of Notorious Hacker tessa88 Revealed
November 20, 2018
In early 2016, a previously unknown hacker operating under the alias of tessa88 publicly emerged after offering an extensive list of compromised, high-profile databases for sale. The hacker offered for sale the databases of companies such as VKontakte, Mobango, Myspace, Badoo, QIP, Dropbox, Rambler, LinkedIn, and Twitter, among others. Within several months of incredibly active ...