More than 1 million e-learning users data exposed from a misconfigured and unencrypted Amazon S3 buckets and other types of servers. The exposed data can be accessed by anyone online without any form of authentication.
The breach was found by researchers at Wizcase, the breach affects 5 different eLearning Companies around the globe. The data found to be stored 4 Amazon S3 buckets and an ElasticSearch server, due to misconfigurations the data are available publically.
Following are the data exposed;
Escola Digital – Brazilian eLearning website exposes several CSV files with user’s personally identifiable information. The data found to be collected between 2016 and 2017.
MyTopDog – Platform specifically for school children based in SoutAfrica, exposes over 800,000 students data and other business information.
Okoo – Online Learning Platform for Children, the platform exposes almost 1 million entries of users’ activity.
Square Panda – Virtual platform launched to help children learn how to read and write through various online games. The platform exposes over 15,000 user records.
Playground Sessions – It offers virtual piano lessons, around 4,100 users records exposed from the open Amazon bucket.
Seems many of the users affected in the breach are children and young people, attackers may launch Phishing and scam attack using the personal information.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
Also Read
Cognizant Confirms Data Breach After Ransomware Attack
ZEE5 Hacked – Hackers Stolen Over 150GB of Live Data from Video on Demand Platform
The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…
White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…
Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…
The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…
Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…
WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…