Skip to main content

Leaky server exposes users of dating site network

posted onSeptember 13, 2020
by l33tdawg
vpnMentor
Credit: vpnMentor

An online database left exposed online without a password has leaked the personal details of hundreds of thousands of users who signed up for online dating sites. The leaky database, an Elasticsearch server, was discovered at the end of August by security researchers from vpnMentor.

The database was taken offline on September 3 after vpnMentor tracked down its owner in Mailfire, a company that provides online marketing tools. vpnMentor researchers said the database stored copies of push notifications that various online sites were sending to their users via Mailfire's push notification service.

Push notifications are real-time messages that companies can send to smartphone or browser users who agreed to receive such messages. The leaky database stored more than 882 GB of log files pertaining to push notifications sent via Mailfire's service, with the logs being updated in real-time, as new notifications were being sent out. In total, vpnMentor said the log files contained details for 66 million individual notifications sent over the previous 96 hours, with personal details for hundreds of thousands of users.

Source

Tags

Industry News

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th