An anonymous ethical hacker found an unsecured Elasticsearch server exposing private data of hundreds of thousands of users of over 70 adult dating and e-commerce websites across the globe.
The leaky database belongs to Mailfire, an email marketing firm that provides online marketing tools to all the websites affected in the data leak. vpnMentor’s researchers stated the database hosted copies of push notifications that various online sites were sending to their users via Mailfire’s push notification service. The database is now secured after vpnMentor reported the incident to the server’s owner.
In total, the leaky server exposed around 320 million records over 882.1 GB in size affecting more than 100, 000 users. The exposed information included notification contents, users’ PII data, private messages, authentication tokens and links, and email content. The compromised PII data included full names, age and date of birth, gender, email addresses, locations of senders, IP addresses, profile pictures uploaded by users, and profile bio descriptions. The leaked information is vulnerable to various attacks like identity theft, phishing, blackmail, and fraud.
“Cybercriminals could use contact information like names and email addresses to target users with phishing emails, tricking them into sharing even more sensitive data, like credit card details or login credentials, or clicking links embedded with malware. A user’s personal information and account details on a particular website would make it easy for cybercriminals to imitate the website in question, establish trust with their targets, and successfully trick them,” vpnMentor stated.
Misconfigurations Increase the Risks
A similar survey, “The State of Cloud Security 2020,” revealed that inadvertent database exposure continues to be a major risk for organizations, with misconfigurations exploited in 66% of reported attacks. Besides, 33% of organizations reported that attackers gained access through stolen cloud provider account credentials. A quarter of organizations stated that managing access to cloud accounts is a primary concern to them. Nearly 96% of respondents admitted that they face issues with their current level of cloud security, while 44% of respondents reported data breaches are the top security concern. Only one in four respondents stated lack of staff expertise as a top concern.