Internet
Unsecured Database Found Leaking Data About Millions of Indians, Gets Hijacked by Hackers: Report
A massive database containing over 275 million records with personally identifiable information about Indian citizens was allegedly found unprotected and publicly indexed on the Internet. Discovered by a cybersecurity expert, this MongoDB database seems to include data scrapped from various job portals, given the fields in the database like “industry,” “resume ID,” and “functional area.” While some of professional information present in the database isn’t that damaging, the database also included details like name, email address, gender, date of birth, salary, and mobile number, access to which can be exploited by malicious parties. MongoDB is a widely used open-source database management system.
Found by security researcher Bob Diachenko from Securitydiscovery.com on May 1, the database has since been hijacked by hackers known as “Unistellar group”, who have replaced it with a message to contact to restore it, possibly in an exchange of a ransom. If the database being left unprotected wasn’t bad enough, it is now in hands of a hacker group, who may be willing to sell it to anyone.
The unprotected database had a size of 110GB
Photo Credit: Securitydiscovery.com
According to Diachenko, he had immediately contacted Indian Computer Emergency Response Team (CERT) about the unprotected database, but the database remained accessible until May 8, following which it was hijacked by the Unistellar group.
The data available with Shodan, a search engine for Internet-connected devices, reveals that the database was first indexed on April 23, 2019, meaning it was available on the Web for at least two weeks for anyone to access the private information.
It is unclear at this point, who was the owner of the database, but Diachenko speculates that it belonged to an “anonymous person or organization” as part of a massive scraping operation. The owners of the database have seemingly managed to scrap over 275,265,298 records of personal information about Indian job seekers. Diachenko’s assertions about database owner seem plausible considering none of Indian job portals, have anywhere close to 275 million members.
The database has now been hijacked by a hacker group
Photo Credit: Securitydiscovery.com
This is not the first time that Diachenko has found an unprotected database leaking private information of millions of users online. Last month, he discovered an Indian state (unnamed) had left details of millions of pregnant women online. The data leak included digitised version of millions of medical forms that included private details.
Coinbase, the cryptocurrency exchange that allows users to easily buy, sell, trade, and hold various cryptocurrencies, has added dogecoin to its roster. The ‘joke’ cryptocurrency has picked up speed in a way unanticipated years ago when it first launched, making a small number of people very wealthy while driving others to purchase the coins in hopes of reaching or exceeding … Continue reading
Samsung just released three high-powered notebook computers to the public, all in their “Galaxy Book” brand line. The Galaxy Book Pro was released in 13 and 15-inch iterations, both new for 2021. There’s a new Samsung Galaxy Book 360 in both 13 and 15-inch iterations, and there’s a new Galaxy Book Flex2 α (Alpha) that’s new for 2021, too. Samsung … Continue reading
This week a set of leaks suggest that the 2021 version of the MacBook Pro will bring back some long-lost must-have features. Where the MacBook Pro used to come with a variety of ports: USB, HDMI, headphone jack, and SD-card included. With the latest data leak on the next MacBook Pro release from Apple, it would seem that we could … Continue reading
Pipeline attacker Darkside suddenly goes dark—here’s what we know
Darkside—the ransomware group that disrupted gasoline distribution across a wide swath of the US this week—has gone dark, leaving it...
2021 Infiniti Q50 Red Sport 400 AWD Review: Too much and not enough
Infiniti is getting squeezed. On the one hand, its premium rivals have fresher ranges, more competitive models, and sports sedans...
Researchers force two mice to hang out and induce FOMO in a third
Since its advent in 2005, a technique called optogenetics has made it vastly easier to link neural activity with behavior...
Coinbase is the latest crypto exchange to add dogecoin support
Coinbase, the cryptocurrency exchange that allows users to easily buy, sell, trade, and hold various cryptocurrencies, has added dogecoin to...
Sotheby’s first NFT auction revealed
An art auction is set to take place in June of 2021 called “Natively Digital: A Curated NFT Sale.” This...
-
Social1 year agoCrashPlan for Small Business Review
-
Gadgets3 years agoA fictional Facebook Portal videochat with Mark Zuckerberg – TechCrunch
-
Mobile3 years agoMemory raises $5M to bring AI to time tracking – TechCrunch
-
Social3 years agoiPhone XS priciest yet in South Korea
-
Cars2 years agoWhat’s the best cloud storage for you?
-
Security2 years agoGoogle latest cloud to be Australian government certified
-
Social3 years agoApple’s new iPad Pro aims to keep enterprise momentum
-
Cars2 years agoSK Telecom and Samsung to collaborate on 5G for enterprise