Get a Pentest and security assessment of your IT network.

Cyber Security

Real-Time Location of Millions Exposed by Mobile Loan Apps

An open ElasticSearch cluster hosted on infrastructure owned by Aliyun Computing Co (also known as Alibaba Cloud) leaked 899 Gb of identity, credit card, banking, device, and real-time GPS location information. Data was added to the publicly-accessible database by over 100 mobile loan-related apps used by Chinese people when applying for loans. The company who owns the ElasticSearch server is not known even though the leaky database is now unreachable after Alibaba took down the exposed server. Some of the leaked records also contained the users’ passwords encrypted using MD5 message-digest algorithm.

Source: https://www.bleepingcomputer.com/news/security/real-time-location-of-millions-exposed-by-mobile-loan-apps/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation