Millions of records containing sensitive, personally identifiable information, were sitting online in yet another unencrypted, non-password-protected database, experts have warned.
Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and was 12.2TB in total size. It belongs to a company called Passion.io, a Delaware-based no-code app-building platform that allows creators, influencers, entrepreneurs, and coaches, to create websites without having any prior coding knowledge. They can also create, and sell, interactive courses.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Expedia’s Orbitz Says 880,000 Payment Cards Compromised in Security Breach
March 20, 2018
Chicago-based online travel booking company Orbitz, a subsidiary of Expedia, reveals that one of its old websites has been hacked, exposing nearly 880,000 payment card numbers of the people who made purchases online. The data breach incident, which was detected earlier this month, likely took place somewhere between October 2016 and December 2017, potentially exposing customers’ ...
- National Lottery: 10 million players told to change passwords as attackers hit online accounts
March 19, 2018
Millions of National Lottery players have been urged to change their passwords following what parent company Camelot describes as “suspicious activity” involving lottery accounts. Camelot, which runs the National Lottery, insists there’s been no access to core systems or databases that would affect lottery draws or prizes, but has recommended that its 10.5 million registered users ...
- Equifax hack just got worse for a lot more Americans
March 2, 2018
Equifax has confirmed more Americans are impacted by the cyberattack that targeted the credit rating giant last year than was first revealed. The company said in a statement Thursday that an ongoing analysis showed 2.4 million more Americans had their names and partial drivers’ license information stolen, but they were not previously thought to have been affected. The company ...
- Equifax Lost Even More Information on Consumers Than It Told the Public
February 14, 2018
Confidential documents filed with the US Senate Banking Committee suggest that Equifax could have lost considerably more personal information about over 145 million Americans to hackers than it’s publicly let on, CNN Money reported. While Equifax had disclosed that names, dates of birth, and Social Security numbers might have been compromised, as well as some drivers’ license ...
- Nissan Finance Canada Suffers Data Breach — Notifies 1.13 Million Customers
December 21, 2017
It’s the last month of this year, but possibly not the last data breach report. Nissan warns of a possible data breach of personal information on its customers who financed their vehicles through Nissan Canada Finance and INFINITI Financial Services Canada. Although the company says it does not know precisely how many customers were affected by the ...
- Breaking: Aggressive WordPress Brute Force Attack Campaign Started Today, 3am UTC
December 18, 2017
A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a huge number of attacks. This is the most aggressive campaign ...