Personal data of thousands of users on adult dating and e-commerce websites have been exposed online. The breach of over 70 platforms has been found by cybersecurity researchers vpnMentor.
The software was compromised through an unsecured Elasticsearch server, exposing people all over the world to dangers like identity theft, blackmail and fraud.
Some of the sites exposed in the data leak were scams, set up to trick men looking for dates with women in various parts of the world.
The database that stored more than 882GB of log files was taken offline on September 3 after vpnMentor researchers tracked it down.
The leak revealed included full names, age and date of birth, gender, email addresses, locations of senders, IP addresses, profile pictures uploaded by users and profile bio descriptions.
The vpnMentor research team wrote in their report: “At the beginning of our investigation, the server’s database was storing 882.1 GB of data from the previous four days, containing over 370 million records for 66 million individual notifications sent in just 96 hours.
“This is an absolutely massive amount of data to be stored in the open, and it kept growing. Tens-of-millions of new records were uploaded to the server via new indices each day we were investigating it.”
Find out more here.