Friday, March 29, 2024

12,000 Social Media Famous Influencers Personal Data Leaked Online

Another data leak due to misconfiguration in octoly owned Amazon Web Services S3 cloud storage bucket. Around 12,000 Social Media Influencers accounts that belongs to Instagram, Twitter, and YouTube personalities Sensitive personal data leaked online from octoly’s Amazon Web Services S3 bucket.

Octoly is an influencers marketplace where brands and creators collaborate to make branded video content and reviews.

Due to Misconfiguration in octoly owned Amazon Web Services S3 bucket repository, they left an Exposed backup of their enterprise IT operations and sensitive information.

Revealed information about 12,000 personalities most sensitive information which was registered by thousands of firm.

Exposed details contains influencers real names, addresses, phone numbers, email addresses which including those specified for use with PayPal – and birth dates for these creators.

Also Read Hacking Group Spies on and Steal Data from Android Users Posing Actress Nude Photos

Also, octoly revealed hashed passwords that can be decrypted and use it for password reuse attack against various online accounts belonging to creators.

How does this Data Leak Occured

On January 4th, 2018, octoly subdomain based Amazon Web Services S3 cloud storage bucket has been discovered by UpGuard Director of Cyber Risk Research Chris Vickery.

The discovered file belongs to octoly  internal files that related to critical operations including a backup of Octoly’s operational database, “octoly_production.sql.”

The database contains a detailed information that about inner workings of Octoly’s Europe and North America based digital brand marketing operations.

According to UpGuard  The exposed data reveals details about three categories of affected entities and individuals. The first, “users,” refers to Octoly employees.
The second, “clients,” is comprised of enterprises that employ Octoly as a partner, typically for the purpose of connecting these brands to the twelve thousand exposed members of the third category, “creators.”

Also, Beyond the potential damage to Octoly’s business reputation through the leak of privileged internal data, the exposure of information involving the firm’s enterprise customers illustrates how one breach can implicate many more entities.UpGuard said.

Website

Latest articles

Beware Of Weaponized Air Force invitation PDF Targeting Indian Defense And Energy Sectors

EclecticIQ cybersecurity researchers have uncovered a cyberespionage operation dubbed "Operation FlightNight" targeting Indian government...

WarzoneRAT Returns Post FBI Seizure: Utilizing LNK & HTA File

The notorious WarzoneRAT malware has made a comeback, despite the FBI's recent efforts to...

Google Revealed Kernel Address Sanitizer To Harden Android Firmware And Beyond

Android devices are popular among hackers due to the platform’s extensive acceptance and open-source...

Compromised SaaS Supply Chain Apps: 97% of Organizations at Risk of Cyber Attacks

Businesses increasingly rely on Software as a Service (SaaS) applications to drive efficiency, innovation,...

IT and security Leaders Feel Ill-Equipped to Handle Emerging Threats: New Survey

A comprehensive survey conducted by Keeper Security, in partnership with TrendCandy Research, has shed...

How to Analyse .NET Malware? – Reverse Engineering Snake Keylogger

Utilizing sandbox analysis for behavioral, network, and process examination provides a foundation for reverse...

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles