![]() ![]() A further 55,300,000 Facebook profiles were summarily deleted within a few hours after our team first discovered the server and its vulnerability.The database had more than 408GB of data and more than 318 million records. That contained scrapped profiles of more than 214 million social media users, obtained from Facebook, Instagram and LinkedIn. Safety Detectives researchers, led by Anurag Sen, discovered a server belonging to Socialarks -Ī cross-border social media management company. No content of the private messages was revealed, though.”ĭiachenko said the exposure could pose risks for both Stripchat viewers and models. ![]() Finally, information on at least 719,000 chat messages (was exposed). Stripchat’s Max Bennet told Threatpost by email, “Information on 134 million transactions occurring were exposed however, no information was leaked regarding the payment details. The database included 65 million user records that contained email addresses, IP addresses, the number of tips they gave to models, a timestamp of when the account was created and the last payment activity.ĭiachenko also found another database containing about 421,000 records for the platform's models, including usernames, gender, studio IDs, tip menus and prices, live status, and the model's “strip score. In a Twitter DM to Gizmodo, Diachenko said that several NoSQL databases like Mongo are targets “for bot attacks operated by malicious actors who scan the internet for open and unprotected dbs and wipe their contents, with only a ransom note left.” Diachenko says a README ransom note demanded 0.019 in bitcoin (or $700).ĭiachenko discovered an Elasticsearch database containing 200 million records belonging to Stripchat -Īn adult cam site. Diachenko, who discovered the breach, said he found the vulnerability using publicly accessible open-source search tools. When misconfigured, the database can leave millions of documents vulnerable. Millions of its user records were exposed to the internet and then destroyed by a cyberattack involving a bot.Īccording to a Gizmodo report, the company stored its user data on a misconfigured MongoDB database, a NoSQL database used by companies who handle large volumes of user data. Iran business and social messaging application Raychat suffered a large data breach. The unprotected Elasticsearch database dated back ten years and contained the personal information of more than 106 million international travelers, including:ĭiachenko alerted Thai authorities, who acknowledged the incident and secured the data the following day. In August, Comparitech cybersecurity researcher Bob Diachenko stumbled across his own data online after discovering an unsecured database, which contained the personal information of millions of Thailand visitors. The misconfigurations also put users’ personal data at risk. While the misconfigured databases are not a surprise, the findings show the lack of basic security practices in many applications. Most of them had the real-time database unprotected, exposing sensitive user information. In addition, of the 23 apps that Check Point researchers analyzed, a dozen had more than 10 million installations on Google Play. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |