Unprotected cloud database exposed nearly 10 million personal data records

Unprotected cloud database exposed nearly 10 million personal data records

Unprotected cloud database exposed nearly 10 million personal data records

An unprotected cloud database hosted by data aggregator Adapt was recently found to have exposed over 9.3 million data records that included personal data as well as job descriptions of millions of individuals.

The said MongoDB cloud database was unearthed by security researcher Bob Diachenko earlier this month who noted that the database wasn't password-protected and allowed anyone with an Internet connection to access the customers’ files.

Over 9.3 million data records available to all

The database contained as many as 9,376,173 personal data records that included first and last names, phone numbers, name of the companies where the individuals were employed, job titles, job descriptions, list of company domains, industry, company revenue, email confidence scores, total contacts available in the company, and emails of every contact in the company.

"While the data itself might be non-sensitive, the availability of it online without any authentication is not something you would expect. The lawfulness of web scraping as a method of gathering data is debated, but open access to private data is definitely illegal," Diachenko wrote in a blog post.

Adapt, the data aggregator that hosts the unprotected cloud database, advertises itself as a service that provides free access to millions of business contacts and allows individuals to "enrich business profiles on any website with email, phone and a number of contacts".

According to Diachenko, it is not clear if the database was made available to everyone on the Internet intentionally or whether the lack of password-protection was a result of a server misconfiguration, as is usually the case.

Even though Adapt is yet to respond to Diachenko's query on the potential breach of personal data records, security researcher Troy Hunt has added the cloud database to his popular data breach repository on his website. You may click here if you wish to know whether the database contains your personal data or job description.


Classified details of over 9,000 security personnel exposed in massive data breach

Unsecured cloud server exposed Viacom’s entire IT infrastructure!

Major data breach exposes sensitive details of 200 million US voters

Copyright Lyonsdown Limited 2020

Top Articles

PrismHR outage possibly caused by a ransomware attack, experts believe

PrismHR suffered a cyber attack last week which forced it to shut down its flagship software that serves thousands of organisations worldwide.

Hackers exploited flaws in Accellion FTA to steal data from Qualys

Qualys said hackers exploited a zero day vulnerability in Accellion's FTA to infiltrate an FTA server deployed in its DMZ environment.

SITA data breach compromised data associated with multiple international airlines

SIT, has revealed it recently suffered a major cyber attack that compromised information belonging to customers of several airline companies.

Related Articles