Information Security News mailing list archives
Millions of records about Middle Eastern drivers left in an insecure database
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 19 Apr 2019 09:24:51 +0000 (UTC)
https://www.cyberscoop.com/mongodb-data-exposure-snapp-tap30/ By Jeff Stone CYBERSCOOP April 18, 2019 Records containing sensitive information on perhaps millions of Iranian drivers was left unsecured in a publicly available database for days, according to security research published Thursday. More than 6.7 million records from 2017 and 2018 were estimated to be exposed in a database discovered by researcher Bob Diachenko. Information included drivers’ first and last names, their Iranian ID numbers stored in plain text, their phone numbers, and other data such as invoice information. The data is now secured, Diachenko told CyberScoop. The actual number of people affected in the breach is likely less than 6.7 million, Diachenko explained, because the database contains multiple files referring to the same people. While the origin of the data remains unclear, Diachenko suggested it may have been stolen from the Iranian ride-hailing companies Snapp and/or TAP30. [...]
-- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- Millions of records about Middle Eastern drivers left in an insecure database InfoSec News (Apr 19)