- The Cybernews team found a huge database belonging to Safelinking
- It cointained 30 million links, as well as customer data
- A malicious bot scraped, and destroyed it
A company that provides safe links services kept a major database with sensitive information unlocked and available to anyone who knew where to look.
As a result, sensitive information on millions of people got leaked on the dark web, and the database ended up destroyed.
This is according to cybersecurity researchers Cybernews. In early August, the team discovered a “poorly configured” and passwordless MongoDB database belonging to a company called Safelinking.net, a firm that provides password-protected links services.
Ransom demanded
When someone wants to send sensitive data across the internet, they can lock the link behind a PIN, or password, using companies like Safelinking. Thus, it is safe to assume that the data behind the link is highly sensitive in nature.
Still, Safelinking made the all-too-common error and failed to properly secure the database, Cybernews argues. It contained 30 million private links, as well as account data on more than 150,000 users. This data includes people’s usernames, emails, encrypted passwords with salt and API hashes, notification settings, security settings associated with the links, social media account IDs, and protected links.
Oftentimes, the researchers are first ones to find these databases, averting a bigger catastrophe. Not this time, though. Cybernews discovered that a malicious bot beat them to the punch, pulling all the data to an attacker-controlled server, and leaving a message that the archives would be destroyed if roughly $600 in bitcoin isn’t paid.
Since Safelinking didn’t pay the ransom demand, the bot destroyed the database, and it’s no longer publicly available.
“It’s a good reminder of why it’s so important to have solid security measures in place for platforms handling this type of data,” said the Cybernews research team. “Even if the platforms sometimes fail to secure users’ privacy, it’s good to know basic security hygiene, like using multi-factor authentication.”
Via Cybernews
