Chinese company exposes data of 50.5 million users, mostly children
The Chinese global mobile app and mobile platform development firm, Sungy Mobile, aka GOMO, may have leaked the data of over 50.5 million customers, mostly of which are children. An open port allowed independent researcher going by the pseudonym “Flash Gordon” to infiltrate the database through vulnerable IP addresses that had no login credentials. The researcher detected the flaw on May 25.
The apps developed by GOMO are very popular in China, especially among kids, the company claiming more than 2 billion downloads. The data exposed information such as emails, bcrypt passwords, country of user, avatars and purchases, as well as some information of US users such as emails, username, school, gender, date of birth and their International Mobile Subscriber Identity number. Overall, some 100GB of decompressed data was exposed.
Number-wise, the data exposed contained 50,553,664 unique accounts, 47,415,210 unique devices, 4,379 distinct mobile numbers in accounts, 51,426,769 distinct email addresses in accounts, 48,255,172 profiles and 4 system users.
At the moment, it is not clear if the affected customers have been informed about the vulnerability. According to a company statement released for DataBreaches.net, the bug was caused by a misconfigured backup, as per screenshot below.
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns
January 19, 2023
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps
November 29, 2022
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022