DIRECTORY

  • Alerts
  • APTs
  • Blog
  • Books
  • Certifications
  • Cheat Sheets
  • Courses
  • Cyber Briefing
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Definitions
  • Domains
  • Entertainment
  • FAQ
  • Frameworks
  • Hardware Tools
  • Incidents
  • Malware
  • News
  • Papers
  • Podcasts
  • Quotes
  • Reports
  • Tools
  • Threats
  • Tutorials
No Result
View All Result
  • Login
  • Register
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
Get Help
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
No Result
View All Result
Get Help
CyberMaterial
Home Incidents

Database of the Cricketsocial.com platform left open online

January 6, 2023
Reading Time: 2 mins read
in Incidents

 

Cricketsocial.com, is a social platform developed for the cricket community online. CyberNews discovered that a database used by the platform was left open online, it contains a huge trove of data.

The Social platform for the cricket community exposed over 100k entries of private customer data and credentials.

The database, hosted by Amazon Web Services (AWS) in the US, contained admin credentials and private customer data, including email, phone numbers, names, hashed user passwords, dates of birth, and addresses.

The experts noticed that most of the records in the database seem to be test data, however, the experts discovered it also includes personally identifiable information (PII) of legitimate site users. The data stored in the database includes posts, comments, number of likes, and links to images kept on the AWS storage bucket.

“Even if all the information stored was test data, leaving data in plaintext is a poignant indication of bad security practices being employed. That creates unnecessary risks for unsound practices creeping into the production environment if left unchecked.” Cybernews researchers said.

The experts discovered the database also exposed plaintext credentials for a website administrator account, a piece of information that could allow an attacker to take over the platform.

The storage of passwords in plaintext is a bad practice that could advantage threat actors while targeting an infrastructure.

READ FULL ARTICLE

Tags: Cricketsocial.comCyberattacksData BreachData stolenincidentsIncidents 2023January 2023Personally Identifiable InformationSocial Media
1
VIEWS
ADVERTISEMENT

Related Posts

Luxury Retailer Cortina Watch Hacked

Luxury Retailer Cortina Watch Hacked

June 9, 2023
Ascension Seton: Data Breach Personal Info

Ascension Seton: Data Breach Personal Info

June 9, 2023
Honda’s Ecommerce Platform Exposed

Honda’s Ecommerce Platform Exposed

June 9, 2023
Aix-Marseille University Targeted in Cyberattack

Aix-Marseille University Targeted in Cyberattack

June 9, 2023

More Articles

Hands-On Artificial Intelligence for Cybersecurity

March 18, 2021
Alerts

NIST Standardizes Ascon Cryptographic Algorithm for IoT

February 8, 2023
Quotes

“The prize becomes much bigger…”

April 21, 2022
Course

PCI SSC WORK FROM HOME SECURITY AWARENESS TRAINING

May 20, 2022

Security through data

Cybersecurity Domains

  • API Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • HSM
  • KPIs / KRIs
  • Penetration Testing
  • Shift Left
  • Vulnerability Scan

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • E-Commerce
  • Healthcare
  • IoT
  • Quantum Computing

Frameworks

  • CIS Controls
  • CCPA
  • GDPR
  • NIST
  • 23 NYCRR 500
  • HIPAA

Repository

  • Books
  • Certifications
  • Definitions
  • Documents
  • Entertainment
  • Quotes
  • Reports

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering

© 2023 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
No Result
View All Result
  • Audience
    • Cyber Citizens
    • Cyber Professionals
    • Institutions
  • Highlights
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Alerts
    • Attackers
    • Domains
    • Incidents
    • Threats
  • Opportunities
    • Events
    • Jobs
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Frameworks
    • Games
    • Hardware Tools
    • Memes
    • Movies
    • Papers
    • Podcasts
    • Quotes
    • Reports
  • Report Cyber Incident
  • GET HELP

Subscribe to our newsletter

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Sign In with Google
Sign In with Linked In
OR

Forgotten Password? Sign Up

Create New Account!

Sign Up with Google
Sign Up with Linked In
OR

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.