Categories: Data Breach

12,000 Social Media Famous Influencers Personal Data Leaked Online

Another data leak due to misconfiguration in octoly owned Amazon Web Services S3 cloud storage bucket. Around 12,000 Social Media Influencers accounts that belongs to Instagram, Twitter, and YouTube personalities Sensitive personal data leaked online from octoly’s Amazon Web Services S3 bucket.

Octoly is an influencers marketplace where brands and creators collaborate to make branded video content and reviews.

Due to Misconfiguration in octoly owned Amazon Web Services S3 bucket repository, they left an Exposed backup of their enterprise IT operations and sensitive information.

Revealed information about 12,000 personalities most sensitive information which was registered by thousands of firm.

Exposed details contains influencers real names, addresses, phone numbers, email addresses which including those specified for use with PayPal – and birth dates for these creators.

Also Read Hacking Group Spies on and Steal Data from Android Users Posing Actress Nude Photos

Also, octoly revealed hashed passwords that can be decrypted and use it for password reuse attack against various online accounts belonging to creators.

How does this Data Leak Occured

On January 4th, 2018, octoly subdomain based Amazon Web Services S3 cloud storage bucket has been discovered by UpGuard Director of Cyber Risk Research Chris Vickery.

The discovered file belongs to octoly  internal files that related to critical operations including a backup of Octoly’s operational database, “octoly_production.sql.”

The database contains a detailed information that about inner workings of Octoly’s Europe and North America based digital brand marketing operations.

According to UpGuard  The exposed data reveals details about three categories of affected entities and individuals. The first, “users,” refers to Octoly employees.
The second, “clients,” is comprised of enterprises that employ Octoly as a partner, typically for the purpose of connecting these brands to the twelve thousand exposed members of the third category, “creators.”

Also, Beyond the potential damage to Octoly’s business reputation through the leak of privileged internal data, the exposure of information involving the firm’s enterprise customers illustrates how one breach can implicate many more entities.UpGuard said.

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…

1 day ago

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…

3 days ago

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…

3 days ago

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…

4 days ago

Google Chrome Security, Critical Vulnerabilities Patched

Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…

4 days ago

Notorious WrnRAT Delivered Mimic As Gambling Games

WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…

4 days ago