Blockchain-powered e-commerce startup leaks personal information of 25,000 early investors
A misconfigured MongoDB database has led to the leak of names, email and physical addresses, wallet information, encrypted passwords, and driver”s license and passport numbers of 25,000 early investors in Bezop. The leak deals a second security-related blow in months to the e-commerce startup, which hopes to give retail giant Amazon a run for its money by fashioning its business around digital currency.
Bezop is a decentralized blockchain-powered commerce platform, similar in some ways to Amazon, that hopes to be “the future of global trade,” according to its creators.
“No monthly fees, Build professional amazon-like stores and start accepting cryptocurrency in minutes,” reads a marketing tagline on the firm”s website.
The business is based on its own Bezop cryptocurrency, which trades under the name BEZ. Users are promised several sure-fire ways to generate profits, not just by selling goods in exchange for crypto coins, but also by participating in “mining” programs for an extra incentive.
However, things went awry for Bezop when researchers at Kromtech (a developer of popular macOS utilities) found a misconfigured MongoDB database that was showing the personal information of 25,000 Bezop investors in plain text â€“ publicly, for anyone with access to the Internet to see.
When alerted to the breach in March, Bezop fixed the problem but made no public admission that it messed up so badly â€“ if there”s one thing a startup needs like air, it”s the trust of its early backers.
Sadly for Bezop, it”s not the first time the company has made headlines for insecure handling of user data. As reported by hackread.com, only a few months ago the company sent usernames and passwords in cleartext format.
John McAffee (the founder of the security firm with the same name) sits on Bezop”s board of directors, but his expertise has apparently yet to rub off on the company he is backing.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 23, 2021
July 22, 2021
July 20, 2021