- NaG4E1537270467 - 11 Million Sensitive Personal Records Exposed Online

A huge customer database with that containing details such as email, full name, gender and physical address . The data to be available from the unprotected MongoDB instance and it is open for anyone to access it.

Security researcher Bob Diachenko discovered the database containing 43.5GB large dataset with 10.999.535 email addresses along with the DNS status of the email addresses. The leaked data can be used by utilized by cybercriminals for malware and phishing campaigns.

Diachenko said that the origin of the data remains unknown and can find only a hint with a part of the email says “Yahoo_090618_ SaverSpy“.

- Email2 - 11 Million Sensitive Personal Records Exposed Online


It appears the attackers having access to the MongoDB already, Diachenko said the database was tagged as Compromised and the database containing a “Readme file” with a ransom note demanding 0.4 BTC for recovering the data, but it appears the scripts failed to encrypt the files.

- Email1 - 11 Million Sensitive Personal Records Exposed Online

Diachenko tried contacting SaverSpy which is powered Coupons.com to the breach, but there is no response from them, However, the database has been taken offline.

Last week another Data Management Company’s misconfigured MongoDB server exposed its marketing database that contains around 445 million its customer records.

Source link


Please enter your comment!
Please enter your name here