Source: Threatpost
The leak stems from a misconfigured ElasticSearch database owned by Chinese social-media management company SocialArks, which contained personally identifiable information (PII) from users of Facebook, Instagram, LinkedIn and other platforms, according to researchers at Safety Detectives.
The server was found to be publicly exposed without password protection or encryption during routine IP-address checks on potentially unsecured databases, researchers said. It contained more than 318 million records in total.
SocialArks data-management platform is used for programmatic advertising and marketing. It bills itself as a cross-border social-media management company dedicated to solving the current problems of brand building, marketing, marketing, social customer management in Chinas foreign trade industry.
The affected server, hosted by Tencent, was segmented into indices in order to store data obtained from each social-media source, which allowed researchers to look into the data further.
The scraped profiles included 11,651,162 Instagram user profiles; 66,117,839 LinkedIn user profiles; 81,551,567 Facebook user profiles; and 55,300,000 Facebook profiles that were deleted within a few hours after the open server was discovered.
The public profile data included biographies, profile pictures, follower totals, location settings, contact details such as email addresses and phone numbers, number of followers, number of comments, frequently used hashtags, company names, employment position and more.
How to Check if Your Information has Been Leaked
Go to https://haveibeenpwned.com/
Enter your email address and check if it has been part of any leaks.
If your email has been part of a leak, it is advised that you change your password for it, and the password for any other site that uses the same login details.
 |
|
Subscribe by Email
Follow Updates Articles from This Blog via Email
No Comments