A huge customer database with 11 million records that containing personal details such as email, full name, gender and physical address exposed online. The data to be available from the unprotected MongoDB instance and it is open for anyone to access it.
Security researcher Bob Diachenko discovered the database containing 43.5GB large dataset with 10.999.535 email addresses along with the DNS status of the email addresses. The leaked data can be used by utilized by cybercriminals for malware and phishing campaigns.
Diachenko said that the origin of the data remains unknown and can find only a hint with a part of the email says “Yahoo_090618_ SaverSpy“.
It appears the attackers having access to the MongoDB already, Diachenko said the database was tagged as Compromised and the database containing a “Readme file” with a ransom note demanding 0.4 BTC for recovering the data, but it appears the scripts failed to encrypt the files.
Diachenko tried contacting SaverSpy which is powered Coupons.com to report the breach, but there is no response from them, However, the database has been taken offline.
Last week another Data Management Company’s misconfigured MongoDB server exposed its marketing database that contains around 445 million its customer records.
A recent investigation by Unit 42 of Palo Alto Networks has uncovered a sophisticated, state-sponsored…
Doppler, the leading provider of secrets management solutions, announced a new integration with Datadog, a…
Microsoft has introduced "Administrator Protection" (AP), a sophisticated security feature aimed at elevating Windows operating…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued seven Industrial Control Systems (ICS)…
In a recent discovery by Socket researchers, a malicious npm package named postcss-optimizer has been…
A recent investigation conducted by STRIKE, a division of SecurityScorecard, has unveiled the intricate and…