Aussie Social News App Leaks 80,000 User Records Online
A team of CyberNews researchers has disclosed that Snewpit, an Australian news-sharing platform, has leaked close to 80,000 users records.
The exposed data housed in an unsecured Amazon Web Services (AWS) server includes usernames, full names, email addresses, profile pictures and videos. Leaks include:
â€¢ 256 videos uploaded by app users and developers
â€¢ 23,586 photos documenting local events uploaded by users
â€¢ 4 CSV files â€“ including one with 79,725 user information such as full names, email addresses, usernames, user descriptions, last login times and total time spent using the app
â€¢ Profile pictures of thousands of users
Investigators disclosed their findings on September 24 to Snewpit, which secured the records on the same day.
Although Snewpit developers detected no suspicious activity, the AWS bucket was exposed for five weeks, meaning any individuals with direct access to the link could have accessed and downloaded the data.
“We will be reviewing all access control settings and ensuring our user data is secure and encrypted,” Snewpit founder Charlie Khoury said in response to the incident. “We take our data and security seriously and will endeavor to make sure this does not happen again.”
While there are no signs of user account compromise, Snewpit aficionados should change their account passwords and monitor their inboxes for any phishing or other suspicious emails.
Users shouldn”t overlook the incident just because the database lacked highly sensitive information such as credit card or Social Security numbers.
Bad actors can do wonders with small pieces of your digital persona, such as an email address or username â€“ information that may seems unworthy of attention.
The Holiday Guide to Tech Support: Fixing the Family Computer
November 24, 2021
Bitdefender Celebrates 20 Years of Cybersecurity Leadership
November 04, 2021
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks
October 22, 2021
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals
October 20, 2021