Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

54m affected in Russian website builder data leak

Users of a Russian website builder have had their data leaked after the organisation left a database publicly accessible.

user icon Daniel Croft
Thu, 22 Feb 2024
54m affected in Russian website builder data leak
expand image

Fifty-four million users of the uID.me website builder, which was developed by Russian web hosting company uCoz, had their data exposed, with records dating from 2012 to now.

Exposed customer data includes names, usernames, dates of birth, IDs, contact details such as emails and phone numbers, locations, timestamps and IP addresses. Increasingly sensitive data such as password hashes, authentication hashes, biographies, links to photos, secret answers, last visitor IPs, and social media profiles were also exposed.

The leak came as a result of a misconfigured MongoDB database, which, according to cyber security researcher Bob Diachenko, left the data publicly accessible for over a week.

============
============

“With access to this comprehensive dataset, threat actors could conduct various malicious activities, including identity theft, phishing attacks, social engineering schemes, unauthorised access to accounts across multiple social media platforms, and potentially compromising individuals’ online security and privacy,” said Diachenko via CyberNews.

It is currently unknown if any of the exposed data was accessed by threat actors, nor if there are any cases of the data being used for malicious purposes.

Cyber Daily has reached out to uID.me requesting a statement or comment on the incident.

Misconfigured MongoDB and other databases appear to be a growing issue of late, with a large number of organisations making the same mistake.

Most recently, the data of 2.5 million cannabis industry workers after a tech company used by dispensaries leaked their personal information after it misconfigured a MongoDB database.

Prior to this, an additional 2.1 million users of the LectureNotes learning application had their information exposed for the same reason.

While MongoDB is not at fault for these instances, the company has faced its own security issues after suffering a cyber attack late last year in which threat actors accessed its corporate systems.

“MongoDB is investigating a security incident involving unauthorised access to certain MongoDB corporate systems,” said a company post, which was uploaded on 16 December.

“This includes exposure of customer account metadata and contact information. At this time, we are NOT aware of any exposure to the data that customers store in MongoDB Atlas.

“We are still conducting an active investigation and believe that this unauthorised access has been going on for some period of time before discovery,” the company added, with the lengthy period of access suggesting that data may have been stolen.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.