Millions of records containing sensitive, personally identifiable information, were sitting online in yet another unencrypted, non-password-protected database, experts have warned.
Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and was 12.2TB in total size. It belongs to a company called Passion.io, a Delaware-based no-code app-building platform that allows creators, influencers, entrepreneurs, and coaches, to create websites without having any prior coding knowledge. They can also create, and sell, interactive courses.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- UK: Personal details of 200,000 people at risk after neighbourhood watch system data breach
April 24, 2024
The names, email addresses and telephone numbers of up to 200,000 people could have been obtained by hackers following a major data breach at a police-backed alert system. Bosses at the company which manages the ‘In The Know’ alert system, which is used by Lancashire Police and Lancashire Fire and Rescue Service, have apologised. Read more… Source: MSN ...
- United Nations investigating potential ransomware attack after data ripped from IT systems
April 23, 2024
Hackers managed to break into the United Nations Development Programme (UNDP) IT systems in Copenhagen, stealing a wide range of sensitive data. Ransomware gang 8Base has claimed responsibility, posting on its own website that the group had managed to get its hands on employment contracts, personal data, invoices and much more Read more… Source: MSN News Sign up for ...
- Grindr facing UK lawsuit over alleged data protection breaches
April 22, 2024
Gay dating app Grindr is facing a mass data protection lawsuit in London from hundreds of users who allegedly had their private information, including HIV status, shared with third parties without consent, a law firm said on Monday. Austen Hayes, which said the lawsuit is being filed at London’s High Court, said thousands of Grindr users ...
- MITRE says it was hit by hackers exploiting Ivanti flaws
April 22, 2024
The not-for-profit research and development organization MITRE suffered a cyberattack early this year, with the attack apparently hindering some operations, but there was no talk of stolen data. In a breach notification published on the MITRE website late last week, CEO and president Jason Providakes explained what happened and what the organization was doing about it. Read ...
- Discord’s updated Terms of Service are exactly the wrong response to its recent data breaches
April 20, 2024
It seems that Discord has been in the news for one reason or another lately, ranging from layoffs to massive privacy breaches and information theft by third parties. And now there’s something new on the horizon — one that may not seem like such a huge deal now but could cause massive issues later on down ...
- Singapore: Personal information of parents, staff at 127 schools accessed in data security breach
April 20, 2024
A data breach at one of its vendors has resulted in the “unauthorised access” of names and email addresses of parents and staff from five primary and 122 secondary schools, the Ministry of Education (MOE) said on Friday (Apr 19). MOE said it was notified by Mobile Guardian that its user management portal had been breached ...