The Indian Express
User data of adult dating sites from over 100 countries exposed
The data leak was 882.1GB in size. The type of data leaked includes notification contents, PII data, private messages, authentication tokens and links, email content. The breach was first discovered on August 31.
by Tech DeskPersonal details of over 100 thousand users of adult dating and e-commerce websites were leaked by an anonymous hacker. As per a report published by vpnMentor, all the 70 websites that were breached used the same marketing software build by email marketing company Mailfire. The data was breached through an unsecured Elasticsearch server which can lead to users being vulnerable to identity theft, blackmail, and fraud.
The data leak was 882.1GB in size. The type of data leaked includes notification contents, PII data, private messages, authentication tokens and links, email content. The breach was first discovered on August 31. The vendors were contacted on September 3 and Mailfire responded to the news straightaway by securing the server in a few hours. One day later, the clients were informed about the said breach.
Mailfire also took the responsibility of the malfunction. The report mentioned: “Mailfire assumed full responsibility and insisted that the companies exposed were in no way responsible at all — and our research has also confirmed this to be true.”
https://images.indianexpress.com/2020/08/1x1.png
At the beginning of the investigation, it was ascertained that the 882.1GB of data was “containing over 370 million records for 66 million individual notifications sent in just 96 hours”.
The Personally Identifiable Information (PII) data included full names, age, and date of birth, gender, email addresses, location of sends, IP addresses, profile pictures uploaded by users, and profile bio descriptions. Also, the conversation between users on dating sites has been accessed by hackers.
Users from over 100 countries have been affected by the massive breach including countries like Australia, Belgium, Canada, Germany, UK, USA, Portugal and others.
Recently, over 7 lakh RailYatri users’ data has been reportedly leaked via an unsecured server due to inadequate security measures. The details of the database included full names, phone numbers, addresses, email IDs, ticket booking details, UPI Ids, GPS location, and partial info on debit and credit card numbers.
Express Tech is now on Telegram. Click here to join our channel (@expresstechie) and stay updated with the latest tech news