Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Millions of records about Middle Eastern drivers left in an insecure database

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 19 Apr 2019 09:24:51 +0000 (UTC)
https://www.cyberscoop.com/mongodb-data-exposure-snapp-tap30/

By Jeff Stone
CYBERSCOOP
April 18, 2019

Records containing sensitive information on perhaps millions of Iranian drivers
was left unsecured in a publicly available database for days, according to
security research published Thursday.

More than 6.7 million records from 2017 and 2018 were estimated to be exposed in
a database discovered by researcher Bob Diachenko. Information included drivers’
first and last names, their Iranian ID numbers stored in plain text, their phone
numbers, and other data such as invoice information. The data is now secured,
Diachenko told CyberScoop.

The actual number of people affected in the breach is likely less than 6.7
million, Diachenko explained, because the database contains multiple files
referring to the same people.

While the origin of the data remains unclear, Diachenko suggested it may have
been stolen from the Iranian ride-hailing companies Snapp and/or TAP30.

[...]


--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: