"An unencrypted, non-password-protected database was discovered by Cybersecurity Researcher Jeremiah Fowler. This database contained files from an email marketing platform and held approximately 40 billion records (13 TB). The records appeared to belong to Netcore Cloud Pvt. Ltd (Netcore), an India-based company providing marketing services. Fowler sent a message to Netcore to inform them of the exposure, and the database was restricted the same day."
"While the database is no longer accessible, it is unknown if any malicious actors accessed it before it was restricted. Furthermore, it is unknown for how long the database was accessible. In the exposed files, Fowler discovered mail log records, banking notifications and healthcare information. Data contained in these records included email addresses, partial account numbers and IP addresses. Additionally, many of the exposed files were marked as confidential."
"The exposure of billions of digital messaging records has numerous potential risks that go far deeper than unwanted spam messages. The exposure of email addresses (both personal and professional) and mail delivery records could provide criminals with a better understanding of the business, customer, or banking relationships that an individual has. Hypothetically, these records could reveal sensitive personal and financial data that could be used by criminals for targeted phishing attempts."
A cybersecurity researcher discovered an unencrypted, non-password-protected database containing approximately 40 billion records (13 TB) from an email marketing platform linked to Netcore Cloud Pvt. Ltd. The database was restricted the same day after the researcher notified the company, which requested additional information. It remains unknown whether any malicious actors accessed the data or how long the database had been exposed. Exposed records included mail logs, banking notifications, healthcare information, email addresses, partial account numbers, and IP addresses, and many files were marked confidential. Such exposed data could enable targeted phishing and reveal business or banking relationships.
Read at Securitymagazine
Unable to calculate read time
Collection
[
|
...
]