Major online dictionary Glosbe exposes personal data of millions in server breach

Multilingual online dictionary Glosbe, known as one of the largest platforms of its kind, faced a significant data breach exposing personal information from nearly 7 million users due to a misconfigured MongoDB server, as reported by Cybernews.

The breach, discovered by researchers at Cybernews, revealed sensitive user data, including personal details, social media identifiers, and encrypted passwords within the unprotected MongoDB database. Despite the severity of the breach, Glosbe has not provided any official comment on the incident.

MongoDB, utilized by businesses for organizing and storing large volumes of document-oriented data, occasionally suffers from misconfigurations that render databases accessible to the public, potentially compromising vast amounts of sensitive information.

The Cybernews research team unearthed the open database in December 2023 and promptly alerted Glosbe. Although the organization took action to secure the exposed database, it refrained from issuing a formal response to the researchers.

Efforts to obtain an official statement from Glosbe regarding the breach were unsuccessful at the time of publishing.

According to researchers, the exposed database contained a repository of user records from Glosbe, exposing individuals to severe risks, including identity theft, phishing attacks, and unauthorized account access.

Glosbe, recognized as the largest online dictionary platform, operates akin to Wikipedia by relying on community contributions to cover a wide array of languages.