Millions of records containing sensitive, personally identifiable information, were sitting online in yet another unencrypted, non-password-protected database, experts have warned.
Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and was 12.2TB in total size. It belongs to a company called Passion.io, a Delaware-based no-code app-building platform that allows creators, influencers, entrepreneurs, and coaches, to create websites without having any prior coding knowledge. They can also create, and sell, interactive courses.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Massive COMB data breach reveals info on over a billion people
May 14, 2024
Someone is combining information on Chinese citizens leaked in different data breaches into a single database, and has so far made more than 1.2 billion records. This compilation of many breaches (COMB) contains plenty of sensitive user information, including phone numbers, postal addresses, ID card numbers, and more. Researchers claim they spotted an unprotected database on ...
- Ireland: More than 470 legal proceedings issued against health service after ransomware hit
May 14, 2024
More than 470 legal proceedings have been issued against the Health Service Executive (HSE) in relation to a cyber attack that shutdown the health service’s IT systems and compromised the data of thousands of patients and staff three years ago. Conti, a Russia-based cybercrime group, launched its ransomware attack on the health service on May 14th, ...
- Tennessee: New state law to protect entities under cyber attack from class action suits amid Ascension Health hack
May 13, 2024
Another healthcare system is under a cyber attack, and while it’s unclear what, if any information has been accessed, a soon-to-be law will prevent those whose information may have been exposed from filing a class action lawsuit against entities that are hacked as long as the organization wasn’t grossly negligent. According to a spokesperson for Ascension ...
- Philippine National Police checking alleged data breach in its logistics system
May 13, 2024
The Philippine National Police (PNP) on Monday said it was looking into a possible breach in its logistics, data, information, and management system. “At about 10 a.m. today, it was reported that yun pong logistics, data, information, and management system experienced an alleged breach,” PNP spokesperson Police Colonel Jean Fajardo said in a presser. Read more… Source: GMA ...
- Dell data breach may affect up to 49m customers
May 13, 2024
Dell has confirmed a data breach that could, according to reports, have affected up to 49m customers. The breach revealed names and addresses of Dell customers, as well as information about equipment purchased, although the tech giant says that no payment or banking details were uncovered in the incident. Read more… Source: MSN News Sign up for our Newsletter Related:
- Some Firstmac customer details breached in home lender hack
May 10, 2024
Some current and former customers of Brisbane-based non-bank home lender Firstmac were notified this afternoon that some of their details had been compromised in a “cyber incident”. Firstmac said that as soon as the incident was detected, they took steps to secure their systems, and engaged cyber security experts. Read more… Source: MSN News Sign up for our Newsletter Related: