Cloud configuration error at Chinese startup revealed at least personal data 214 million social media users, including celebrities, warned the researchers.
The privacy breach occurred at social media management company Socialarks, who suffered a similar incident in August of last year when 150 million users have been exposed, selon Safety Detectives
This time, a team led by Anurag Sen stumbled upon an Elasticsearch database left completely open without any password protection or encryption, during a routine IP scan
The treasure of 408 Go contained more than 318 million records in total, although the exact number of affected users is still not known given the size of the leak. What the researchers know, it is that he was illegally scraped from social media profiles on Facebook, Instagram and LinkedIn, contrary to the policy on these sites.
They discovered nearly 12 million Instagram user profiles, including names, phone numbers, usernames, e-mail addresses, profile pictures and locations.
The treasury also contained data on 82 million Facebook profiles, including full names, adresses e-mail, phone numbers, Messenger IDs, pictures and more
Finally, researchers have discovered 66 millions of LinkedIn user profiles with full names, e-mail addresses, job profiles and company names, among other data points
Security officials said it was unclear how private information such as phone numbers and email addresses was obtained by Socialarks, given that its scraping tools should have lifted only publicly available information.
“In some cases, the recovered data can be used as a weapon to achieve a specific purpose of extracting personal information for criminal purposes Potential ramifications of disclosing personal information include identity theft and financial fraud on other platforms, including online banking », warned the company.
“Contact information can be exploited to target people with targeted scams, including sending personalized emails containing other personal information about the target, thus gaining their trust and paving the way for a deeper intrusion into their privacy”
Although Socialarks never responded to the research team, she remedied the leak on 14 December, the day it was notified
Social media, data breach, IT security, user, Facebook
News – GB – Chinese startup leaks social profiles 214 million users
Associated title :
– Chinese Startup Leaks Social Profiles of 214 Million Users
– & # 39; Huge trove& # 39; social media account data found on an unsecured server
– 200 millions Facebook, Instagram and Linkedin Users & # 39; scratched data exposed
– Exclusive: a massive data leak exposes information collected in more than 214 million social media accounts
– More than 400 Go de 214 million social media users have been reported by & # 39; Wrong configuration& # 39; from a Chinese company
– Millions of social profiles disclosed by Chinese Data-Scrapers
– Data over 200 million people left in free access on a Chinese server
– A Chinese company disclosed personal information about 214 million Facebook users, Insta & LinkedIn
– A Chinese start-up disclosed 400 GB of data recovered. 200 million Facebook users, Instagram and LinkedIn