Millions of records containing sensitive, personally identifiable information, were sitting online in yet another unencrypted, non-password-protected database, experts have warned.
Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and was 12.2TB in total size. It belongs to a company called Passion.io, a Delaware-based no-code app-building platform that allows creators, influencers, entrepreneurs, and coaches, to create websites without having any prior coding knowledge. They can also create, and sell, interactive courses.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- SonicWall confirms all of its cloud backup customers were affected by data breach
October 10, 2025
All companies using SonicWall’s MySonicWall cloud backup feature have had their firewall configuration files exposed in a recent cyberattack, the company has admitted. After initially claiming “fewer than 5%” of its customer base was affected, the company has revealed the true scale of the incident. In mid-September 2025, SonicWall warned its firewall customers to reset their ...
- UK: Two teenagers arrested over cyber-attack on nursery chain
October 7, 2025
Two 17-year-old boys have been arrested by police investigating a cyber-attack on a chain of nurseries in London. The Metropolitan Police say the pair were arrested at residential addresses in Bishop’s Stortford, Hertfordshire, on suspicion of computer misuse and blackmail. Hackers were said to have stolen the photographs, names and addresses of about 8,000 children from ...
- Security bug in India’s income tax portal exposed taxpayers’ sensitive data
October 7, 2025
The Indian government’s tax authority has fixed a security flaw in its income tax filing portal that was exposing sensitive taxpayers’ data, TechCrunch has exclusively learned and confirmed with authorities. The flaw, discovered in September by a pair of security researchers Akshay CS and “Viral,” allowed anyone who was logged into the income tax department’s e-Filing ...
- Discord hit by data breach after hackers strike support tickets
October 6, 2025
Discord has warned users it suffered a cyberattack which caused a potentially worrying data breach. In a data breach notification announcement posted on the company’s blog, Discord said a third party, providing customer support services, was breached. “The unauthorized party then gained access to information from a limited number of users who had contacted Discord through ...
- A breach every month raises doubts about South Korea’s digital defenses
October 4, 2025
South Korea is world-famous for its blazing-fast internet, near-universal broadband coverage, and as a leader in digital innovation, hosting global tech brands like Hyundai, LG, and Samsung. But this very success has made the country a prime target for hackers and exposed how fragile its cybersecurity defenses remain. The country is reeling from a string of ...
- Hacking group claims theft of 1 billion records from Salesforce customer databases
October 3, 2025
A notorious predominantly English-speaking hacking group has launched a website to extort its victims, threatening to release about a billion records stolen from companies who store their customers’ data in cloud databases hosted by Salesforce. The loosely organized group, which has been known as Lapsus$, Scattered Spider, and ShinyHunters, has published a dedicated data leak site ...