Millions of records containing sensitive, personally identifiable information, were sitting online in yet another unencrypted, non-password-protected database, experts have warned.
Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and was 12.2TB in total size. It belongs to a company called Passion.io, a Delaware-based no-code app-building platform that allows creators, influencers, entrepreneurs, and coaches, to create websites without having any prior coding knowledge. They can also create, and sell, interactive courses.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Gay furry hackers strike massive cyber attack against US far-right Project 2025
July 10, 2024
A collective of self-described “Gay furry hackers” called SiegedSec managed to hack into the right-wing Heritage Foundation affiliated with Project 2025 in a massive cyber attack. The hackers released two gigabytes of data, including Heritage Foundation member names, email addresses, passwords, and usernames. SiegedSec claimed responsibility for the hack on Telegram, sharing that they breached online ...
- Alleged breached data of Airport and Aviation Services Sri Lanka surfaces online
July 10, 2024
A recent post on the notorious cybercrime forum BreachForums claims that the Airport and Aviation Services Sri Lanka (AASL) has suffered a data breach. According to the post, the breached data contains approximately 7,083 records that include names, NICs, emails, passport numbers, and other sensitive data. Blurred screenshot of post alleging Airport and Aviation Services Sri ...
- ‘RockYou2024’: Nearly 10 billion passwords leaked online
July 8, 2024
On a popular hacking form, a user has leaked a file that contains 9,948,575,739 unique plaintext passwords. The list appears to be a compilation of passwords that were obtained during several old and more recent data breaches. The list is referred to as RockYou2024 because of its filename, rockyou.txt. To cybercriminals the list has some value ...
- Japan: MSDF chief may quit over widespread mishandling of secret info
July 6, 2024
Several Maritime Self-Defense Force vessels reportedly allowed unvetted personnel to handle top secret information related to national security, with the MSDF’s top uniformed officer signaling his intention to resign over the latest breach. Ryo Sakai, the MSDF’s chief of staff since 2022, is expected to quit his post and the Defense Ministry is considering disciplinary actions ...
- OpenAI breach is a reminder that AI companies are treasure troves for hackers
July 5, 2024
There’s no need to worry that your secret ChatGPT conversations were obtained in a recently reported breach of OpenAI’s systems. The hack itself, while troubling, appears to have been superficial — but it’s reminder that AI companies have in short order made themselves into one of the juiciest targets out there for hackers. The New York ...
- Ticketmaster hackers release stolen ticket barcodes for Taylor Swift Eras Tour
July 5, 2024
The cybercriminals who claimed responsibility for the Ticketmaster data breach say they’ve stolen 440,000 tickets for Taylor Swift’s Eras Tour. As proof, an entity using the handle Sp1d3rHunters, a merger of Sp1d3r and ShinyHunters who are both aliases associated with the breach, leaked 170k barcodes for free for Taylor Swift’s ERAS Tour. In a post on ...