[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Groupon leaks entire Indian user database
From: InfoSec News <alerts () infosecnews ! org>
Date: 2011-06-29 7:06:21
Message-ID: alpine.DEB.2.02.1106290005370.22046 () infosecnews ! org
[Download RAW message or body]
http://risky.biz/sosasta
By Patrick Gray
Risky.biz
June 28, 2011
The entire user database of Groupon's Indian subsidiary Sosasta.com was
accidentally published to the Internet and indexed by Google.
The database includes the e-mail addresses and clear-text passwords of
the site's 300,000 users. It was discovered by Australian security
consultant Daniel Grzelak as he searched for publicly accessible
databases containing e-mail address and password pairs.
Grzelak used Google to search for SQL database files that were web
accessible and contained keywords like "password" and "gmail".
"A few hours and tweaks later, this database came up," he said. "I
started scrolling, and scrolling and I couldn't get to the bottom of the
file. Then I realised how big it actually was."
[...]
___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic