While cybercriminals are constantly trying to find security loopholes in organizational networks, accidental data leaks and database misconfigurations are an easy option for them to pilfer sensitive data. Cybersecurity experts from WizCase recently uncovered a leaky database belonging to the popular mobile game Battle for the Galaxy.
Battle for the Galaxy, created by China-based game developer AMT Games, is a free-to-play mobile game with millions of downloads and users across 103 countries.
According to WizCase, an unsecured ElasticSearch server owned by AMT Games was left online without password protection, allowing anyone to access the data. The breach exposed over 1.47 TB of gamer data, including email addresses, IP addresses, and Facebook data.
What data was exposed?
- The unprotected server leaked approximately 5.9 million gamer profiles which included gamer ID, username, country, total money spent on the game, and even Facebook, Apple, and Google account data if the user linked either account with their game account.
- Over two million transactional data like encompassed price, item purchased, time of purchase, payment provider, and in some cases, IP address of the buyer. Payment providers included Google, Apple, Steam, Amazon, Samsung, and Facebook.
- Around 587,000 feedback message data contained account ID, feedback rating given, and users’ email addresses.
“In a sampling of the player profile data, the WizCase security team found that users could spend as much as $907 on the game via in-app microtransactions in the 10,000-player sample from 2019-2020 our team observed. This sample revealed concerning patterns in the mobile game. Of the 10,000 players sampled, 8,552 users made in-app purchases; 764 spent less than $1 on in-app purchases; 651 spent between $1 and $100 on in-app purchases, and 33 spent more than $100. That means 33% of users in the sample produced about 90% of the income in these transactions,” WizCase said.
Risks Associated with the Data Leak
Cybercriminals can misuse the leaked data to target users with various email scams, frauds, phishing, and malware attacks. “It is common for unethical hackers and criminals on the Internet to use personal data to create trustworthy phishing emails. The more information they possess, the more believable these emails look. For example, with the email addresses and specific details of user issues with the service such as in transactions and developer messages could allow bad actors to pose as game support and direct users to malicious websites where their credit card details can be stolen,” WizCase added.
WizCase recommended certain security measures to prevent any potential security risks, such as:
- Always provide minimum information when making a purchase or setting up an account online.
- When receiving an unexpected email from a seemingly trustworthy source, do not open any attachments.
- If you are ever unsure about an email from a trustworthy company, give them a call.
- A good antivirus program can also aid in protection from malware, Trojans, and other dangers.
- Delete your credit card information from your phone after purchasing something from a game’s store.
Misconfigurations Increase Data Leaks
The State of Cloud Security 2020 survey revealed that inadvertent database exposure continues to be a major risk for organizations, with misconfigurations exploited in 66% of reported attacks. Besides, 33% of organizations reported that attackers gained access through stolen cloud provider account credentials. Nearly 96% of respondents admitted that they face issues with their current level of cloud security, while 44% of respondents reported data breaches are the top security concern.