Exposed Database Archives | Vednam https://vednam.com/tag/exposed-database/ Latest News on Cyber Security,Hacking and Tech Mon, 01 Jun 2020 14:34:06 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.3 https://vednam.com/wp-content/uploads/2020/05/cropped-LOGO-PNG-02-1-32x32.png Exposed Database Archives | Vednam https://vednam.com/tag/exposed-database/ 32 32 70 Million records Leaked from Aussie Football Site https://vednam.com/70-million-records-leaked-from-aussie-football-site/ https://vednam.com/70-million-records-leaked-from-aussie-football-site/#respond Mon, 01 Jun 2020 14:33:22 +0000 https://vednam.com/?p=689 According to the source, an Australian football fan site has been under threat and it was found that around 70 million records have been leaked. It was also mentioned that the data leaked included personal details and racist private messages, via unprotected elastic search. While investigating the data leak we found it was around 132 […]

The post 70 Million records Leaked from Aussie Football Site appeared first on Vednam.

]]>
According to the source, an Australian football fan site has been under threat and it was found that around 70 million records have been leaked. It was also mentioned that the data leaked included personal details and racist private messages, via unprotected elastic search.

While investigating the data leak we found it was around 132 GB data which is linked with Bigfooty.com, a website and mobile application mainly made for the Aussie Rules Football where around 100,000 members joined in that.

Although going deep in investigating, a Security officer found that the data leaked not only contain personal information. Some of them are anonymous users and some people private messages seen by the security officer which contain email addresses, passwords, and usernames for the site and the live streams

If the cyber attacker has known your data from the database they may have got useful credential stuffing to attack the other sites.

Finding the whole user messages it contains personal threats and racist content, which could be used for the cyber attacker to blackmail that user.

The security officer said” The private messages are fully exposed and it was leaked and you can’t trace back to the specific users. The leak data contains high-profile users like an Australian police officer and government employees “

The private information that belongs to the individuals may include the chat and email address that was enough for the cyber attacker to blackmail and damage the reputation of high profile or even normal users also.

When we talk about the technical term it was also mentioned that the site includes the IP address, Server and OS information, GPS data, and access logs that may allow hackers to compromise the part of IT infrastructure.

The leak was closed by the Australian Cybersecurity center after a short period of time and BigFooty didn’t respond after that.

The security office has seen more accidents and leaks at two popular money-saving websites and perhaps most time it happens with the adult live streaming site.

The post 70 Million records Leaked from Aussie Football Site appeared first on Vednam.

]]>
https://vednam.com/70-million-records-leaked-from-aussie-football-site/feed/ 0
8 billion Thai internet records leaked ! https://vednam.com/8-billion-thai-internet-records-leaked/ https://vednam.com/8-billion-thai-internet-records-leaked/#comments Tue, 26 May 2020 06:04:55 +0000 https://vednam.com/?p=496 From Source, It started on 7 May and it took too long time May 22 to secure the database. Cyber experts discovered an exposed Elastic Search database when people were browsing BinaryEdge and Shodan. The database which leaked appeared to be under control by a Thailand-based mobile network operator which is mainly known as Advanced […]

The post 8 billion Thai internet records leaked ! appeared first on Vednam.

]]>
From Source, It started on 7 May and it took too long time May 22 to secure the database. Cyber experts discovered an exposed Elastic Search database when people were browsing BinaryEdge and Shodan. The database which leaked appeared to be under control by a Thailand-based mobile network operator which is mainly known as Advanced Info Service(AIS).

Finding deep news it comes that AIS is the Thailand largest GSM mobile Network which has almost “40.23 million customers” as of 2018. The database is maintained and controlled by the subsidiary Advanced Wireless Network(AWN). It has the combination of DNS query logs and NetFlow logs that appears to be an AWN customer. If someone got all this data then it is easy to create a user track of internet surfing. After this information comes then the Thailand national CERT Team (ThaiCERT) be in action and contact AIS and secure the database.

 

What is AWN?

According to the source, AWN is a provider of wired as well as wireless network service and telecommunication network provider. This company started in 2005 according to website information. AWN is the subsidiary company of Advanced info Service (AIS).

AWN’s network connects directly with AIS which has only upstream peers. When the ThaiCERT contacted AIS about the exposed database then the database went offline.

 

8 billion Thai internet records leaked!

When did that data leak start?

Based on the source story, the data was first hit on May 1 and then after May 7, 2020. There was not a single server left exposed on the internet without any authentication.AIS has been notified about the exposed database.

How Much Data Leaked?

Overall it would be 8.3 billion documents which are around 4.7 Terabyte data. On May, 21st,2020 8,336,189,132 Documents were stored in the database, and data contained NetFlow data and DNS Query logs. When they found it was roughly logged for only 8 days but why? 

 

Why they stopped logging after 8 Days questions are still open. Team perception is that they got more data than they entered to capture. Forensic says they logged roughly 2,538 DNS seconds per second for that period of time.

What do they get from data?

A lot of information can come out if they really follow the documents and data. They basically know your whole query generated on the internet and after that they are also able to know your personal information.

Based on the DNS queries it might be possible that they identify the person whole data because of DNS capture whole information of machine and queries. For example :

  • They use android TV is connected with internet
  • They use apple devices are connected with internet 
  • They use windows devices and the software you use with cloud connectivity.
  • They use Antivirus.
  • They even use your social media account also.
  • They read you google chrome or other browser saved information and history.

 

The post 8 billion Thai internet records leaked ! appeared first on Vednam.

]]>
https://vednam.com/8-billion-thai-internet-records-leaked/feed/ 3