More than 1 million e-learning users data exposed from a misconfigured and unencrypted Amazon S3 buckets and other types of servers. The exposed data can be accessed by anyone online without any form of authentication.
The breach was found by researchers at Wizcase, the breach affects 5 different eLearning Companies around the globe. The data found to be stored 4 Amazon S3 buckets and an ElasticSearch server, due to misconfigurations the data are available publically.
Following are the data exposed;
Escola Digital – Brazilian eLearning website exposes several CSV files with user’s personally identifiable information. The data found to be collected between 2016 and 2017.
MyTopDog – Platform specifically for school children based in SoutAfrica, exposes over 800,000 students data and other business information.
Okoo – Online Learning Platform for Children, the platform exposes almost 1 million entries of users’ activity.
Square Panda – Virtual platform launched to help children learn how to read and write through various online games. The platform exposes over 15,000 user records.
Playground Sessions – It offers virtual piano lessons, around 4,100 users records exposed from the open Amazon bucket.
Seems many of the users affected in the breach are children and young people, attackers may launch Phishing and scam attack using the personal information.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
Also Read
Cognizant Confirms Data Breach After Ransomware Attack
ZEE5 Hacked – Hackers Stolen Over 150GB of Live Data from Video on Demand Platform
Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…
The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…
A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…
Meta has announced the removal of over 2 million accounts connected to malicious activities, including…
Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…
A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…