Ticket reselling platform Ticket To Cash kept an unprotected database online, exposing sensitive information on hundreds of thousands of customers, experts have warned.
The database was discovered by cybersecurity researcher Jeremiah Fowler, who managed to get in touch with the company and get the database locked down, sharing the details withVPNMentor. Ticket To Cash is a resale service site, using a network of thousands of partner resale sites to help users sell their concert, sports, and other tickets quickly. According to Fowler, it kept a non-password-protected, non-encrypted database with 520,054 records, totaling 200 GB in size.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Stolen Credentials Led to Data Theft at United Nations
September 10, 2021
A threat actor used stolen credentials from a United Nations employee to breach parts of the UN’s network in April and steal critical data, a spokesman for the intergovernmental organization has confirmed. That data lifted from the network can be used to target agencies within the UN, which already has experienced and responded to “further attacks” ...
- Hackers leak passwords for 500,000 Fortinet VPN accounts
September 8, 2021
A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. While the threat actor states that the exploited Fortinet vulnerability has since been patched, they claim that many VPN credentials are still valid. This leak is a serious incident as the VPN ...
- Data Breaches: A Chance for Opportunistic Scammers & What You Should Watch for
September 5, 2021
Data breaches are now part of doing business, with many companies having been affected. Data is very valuable to criminals because it is often used to commit fraudulent activities as well as to enhance the credibility of scams. Data that is stolen ranges from Social Security Numbers (SSNs) to other identification documents and payment details. Scammers ...
- Names and addresses of 110,000 UK gun owners are leaked online by animal rights activists in huge security breach
September 1, 2021
Authorities are investigating a large data breach that could put thousands of Britain’s gun enthusiasts at risk. The names, home addresses and contact details of 111,295 people who own firearms in the UK have been taken and leaked online by animal rights activists. The breach, first reported by The Register website, concerns individuals have used the Guntrader ...
- Bangkok Airways apologizes for passport info breach as LockBit ransomware group threatens data leak
August 30, 2021
Bangkok Airways has apologized for a data breach involving passport information and other personal data in a statement to customers. The company said that it discovered a “cybersecurity attack which resulted in unauthorized and unlawful access to its information system” on August 23. The statement said the company is “deeply sorry for the worry and inconvenience that ...
- Secret terrorist watchlist with 2 million records exposed online
August 16, 2021
A secret terrorist watchlist with 1.9 million records, including classified “no-fly” records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it. In July this year, Security Discovery researcher Bob Diachenko came across a plethora of JSON records in an exposed Elasticsearch cluster that piqued his interest. Read ...