According to the source, an Australian football fan site has been under threat and it was found that around 70 million records have been leaked. It was also mentioned that the data leaked included personal details and racist private messages, via unprotected elastic search.
While investigating the data leak we found it was around 132 GB data which is linked with Bigfooty.com, a website and mobile application mainly made for the Aussie Rules Football where around 100,000 members joined in that.
Although going deep in investigating, a Security officer found that the data leaked not only contain personal information. Some of them are anonymous users and some people private messages seen by the security officer which contain email addresses, passwords, and usernames for the site and the live streams
If the cyber attacker has known your data from the database they may have got useful credential stuffing to attack the other sites.
Finding the whole user messages it contains personal threats and racist content, which could be used for the cyber attacker to blackmail that user.
The security officer said” The private messages are fully exposed and it was leaked and you can’t trace back to the specific users. The leak data contains high-profile users like an Australian police officer and government employees “
The private information that belongs to the individuals may include the chat and email address that was enough for the cyber attacker to blackmail and damage the reputation of high profile or even normal users also.
When we talk about the technical term it was also mentioned that the site includes the IP address, Server and OS information, GPS data, and access logs that may allow hackers to compromise the part of IT infrastructure.
The leak was closed by the Australian Cybersecurity center after a short period of time and BigFooty didn’t respond after that.
The security office has seen more accidents and leaks at two popular money-saving websites and perhaps most time it happens with the adult live streaming site.
