Aussie Social News App Leaks 80,000 User Records Online
A team of CyberNews researchers has disclosed that Snewpit, an Australian news-sharing platform, has leaked close to 80,000 users records.
The exposed data housed in an unsecured Amazon Web Services (AWS) server includes usernames, full names, email addresses, profile pictures and videos. Leaks include:
â€¢ 256 videos uploaded by app users and developers
â€¢ 23,586 photos documenting local events uploaded by users
â€¢ 4 CSV files â€“ including one with 79,725 user information such as full names, email addresses, usernames, user descriptions, last login times and total time spent using the app
â€¢ Profile pictures of thousands of users
Investigators disclosed their findings on September 24 to Snewpit, which secured the records on the same day.
Although Snewpit developers detected no suspicious activity, the AWS bucket was exposed for five weeks, meaning any individuals with direct access to the link could have accessed and downloaded the data.
“We will be reviewing all access control settings and ensuring our user data is secure and encrypted,” Snewpit founder Charlie Khoury said in response to the incident. “We take our data and security seriously and will endeavor to make sure this does not happen again.”
While there are no signs of user account compromise, Snewpit aficionados should change their account passwords and monitor their inboxes for any phishing or other suspicious emails.
Users shouldn”t overlook the incident just because the database lacked highly sensitive information such as credit card or Social Security numbers.
Bad actors can do wonders with small pieces of your digital persona, such as an email address or username â€“ information that may seems unworthy of attention.
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns
January 19, 2023
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps
November 29, 2022
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022