Database exposed via Elasticsearch cluster without password protection.
13 June 2022
A total of 5 breaches were found and analysed resulting in 102,560 leaked accounts containing a total of 13 different data types. The breaches found publicly and freely available included Qatar National Bank, Nerdweb, Lime VPN, The Northern Alberta Radio Club and Desh Hosting. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.
SPOTLIGHT
There may be an unusual number of red faces about this week after a large security breach left a private cam modelling site’s database exposed online, leaked via an Elasticsearch cluster without password protection. The site has a huge user base of around 20 million users, and there are reports suggesting that upwards of 7 million users could be affected.
A variety of datasets were included in the data leak, but a couple worth a mention are the IP addresses of the cam models and their ISPs (internet service providers).
Clearly, revealing a model’s IP address, and then perhaps their physical location, exposes the user to a very much higher level of risk. It leads me to conclude that the site doesn’t take the physical security of its users as seriously as it should.
A member of our team came across a recent breach from a platform offering online courses and tuition. The site offers a range of courses from advertising to marketing and has thousands of course creators. It has an “Excellent” rating on Trustpilot and seems to be doing well in a crowded marketplace. However, and we have seen this so many times, security doesn’t seem to be a priority and the site recently suffered a data breach. The login details for the site and other datasets are now in circulation around the web. The passwords are hashed with bcrypt, making them harder to dehash but not impossible. At this point in time, no information on the security breach has been released by the website in question.
Moving on, an Indian business solution website for stock brokers is definitely having a bad day. We noticed that a portion of their user base has been dumped online and the rest is up for sale. The dump contains a lot of sensitive data, for example passport number, bank name and PAN account number, which is a 19-digit number generated as a unique identifier for your credit card.
These datasets are highly sensitive and particularly rewarding to threat actors after your cash. The hacker who is selling the data says they have over 86k users. We’re not sure how much the data is being sold for, as it’s price on request.
DATA CATEGORIES DISCOVERED
Contact Data, Technical Data, Financial Data, Socio-Demographic Data, Usage Data.