A huge customer database with 11 million records that containing personal details such as email, full name, gender and physical address exposed online. The data to be available from the unprotected MongoDB instance and it is open for anyone to access it.
Security researcher Bob Diachenko discovered the database containing 43.5GB large dataset with 10.999.535 email addresses along with the DNS status of the email addresses. The leaked data can be used by utilized by cybercriminals for malware and phishing campaigns.
Diachenko said that the origin of the data remains unknown and can find only a hint with a part of the email says “Yahoo_090618_ SaverSpy“.
It appears the attackers having access to the MongoDB already, Diachenko said the database was tagged as Compromised and the database containing a “Readme file” with a ransom note demanding 0.4 BTC for recovering the data, but it appears the scripts failed to encrypt the files.
Diachenko tried contacting SaverSpy which is powered Coupons.com to report the breach, but there is no response from them, However, the database has been taken offline.
Last week another Data Management Company’s misconfigured MongoDB server exposed its marketing database that contains around 445 million its customer records.
Researchers observed Lumma Stealer activity across multiple online samples, including PowerShell scripts and a disguised…
Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated attack…
The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms in…
A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo Alto…
Threat Analysts have reported alarming findings about the "Araneida Scanner," a malicious tool allegedly based…
A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves…