A huge customer database with 11 million records that containing personal details such as email, full name, gender and physical address exposed online. The data to be available from the unprotected MongoDB instance and it is open for anyone to access it.
Security researcher Bob Diachenko discovered the database containing 43.5GB large dataset with 10.999.535 email addresses along with the DNS status of the email addresses. The leaked data can be used by utilized by cybercriminals for malware and phishing campaigns.
Diachenko said that the origin of the data remains unknown and can find only a hint with a part of the email says “Yahoo_090618_ SaverSpy“.
It appears the attackers having access to the MongoDB already, Diachenko said the database was tagged as Compromised and the database containing a “Readme file” with a ransom note demanding 0.4 BTC for recovering the data, but it appears the scripts failed to encrypt the files.
Diachenko tried contacting SaverSpy which is powered Coupons.com to report the breach, but there is no response from them, However, the database has been taken offline.
Last week another Data Management Company’s misconfigured MongoDB server exposed its marketing database that contains around 445 million its customer records.
A recently disclosed vulnerability in Docusnap's Windows client software (CVE-2025-26849) enables attackers to decrypt sensitive…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2018-8639, a decade-old Microsoft Windows privilege…
Google’s March 2025 Android Security Bulletin has unveiled two critical vulnerabilities—CVE-2024-43093 and CVE-2024-50302—currently under limited,…
A critical vulnerability in BigAntSoft's enterprise chat server software has exposed ~50 internet-facing systems to…
With the growing importance of security compliance for startups, more companies are seeking to achieve…
Two critical security flaws in IBM Storage Virtualize products could enable attackers to bypass authentication…