Millions of records containing sensitive, personally identifiable information, were sitting online in yet another unencrypted, non-password-protected database, experts have warned.
Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and was 12.2TB in total size. It belongs to a company called Passion.io, a Delaware-based no-code app-building platform that allows creators, influencers, entrepreneurs, and coaches, to create websites without having any prior coding knowledge. They can also create, and sell, interactive courses.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Oracle Cloud says it’s not true someone broke into its login servers and stole data
March 23, 2025
Oracle has straight up denied claims by a miscreant that its public cloud offering has been compromised and information stolen. A crook late last week advertised on an online cyber-crime forum what was alleged to be Oracle Cloud customer security keys and other sensitive data swiped from the IT giant. This material was said to have ...
- Longtime FBI agent charged with disclosing classified records
March 20, 2025
A longtime FBI agent has been charged with unlawfully taking and disclosing classified FBI files, according to court records reviewed by CBS News. Johnathan Buma, who specialized in national security and terror cases, has been released on $100,000 bond, with orders to appear in court in Los Angeles. Buma was arrested as he boarded an international ...
- A website mapped Tesla owners and their personal information amid a wave of attacks
March 20, 2025
Tesla owners confirmed on Wednesday that an online map decorated with an image of a Molotov cocktail includes accurate personal information about them, such as residential addresses, raising fears that activists opposed to billionaire Tesla CEO Elon Musk could target them for vandalism. The online map went live Monday, displaying the names, addresses and contact information ...
- Pennsylvania: Half a million teachers hit in major data breach
March 19, 2025
Even if you practice perfect cyber hygiene, you can still wake up to find yourself amid a major security crisis resulting from a data breach, and that’s exactly what happened to half a million teachers. As reported by The Record, over 500,000 teachers and other employees who work in education across Pennsylvania’s public schools had their ...
- Sperm bank breach deposits data into hands of cybercriminals
March 19, 2025
Sperm donor giant California Cryobank has announced it has suffered a data breach that exposed customers’ personal information. California Cryobank (CCB) is a sperm donation and cryopreservation firm and one of the US’ top sperm banks. As such, it services all US states and over 30 countries worldwide. The data breach notification states that the breach ...
- Critical Security Incident involving GitHub Action tj-action/changed-files
March 17, 2025
A critical security incident involving the tj-actions/changed-files GitHub Action has been reported. The changed-files action, which allows GitHub repositories to track file changes, has been tampered with to allow the exposure through GitHub Actions build logs of CI/CD secrets, including passwords, tokens, API keys, PII and other sensitive data that have been embedded within software code. ...