Glosbe, a prominent multilingual online dictionary, is grappling with a severe data breach that has compromised the personal information of almost 7 million users. Discovered by Cybernews, the breach resulted from a misconfigured MongoDB server, laying bare sensitive user details, including personal information, social media identifiers, and encrypted passwords. Despite the gravity of the situation, Glosbe has yet to provide an official response.
The breach, uncovered by Cybernews researchers in December 2023, brought attention to the vulnerability of MongoDB, often susceptible to misconfigurations that leave databases exposed to the public. Though prompt action was taken to secure the database, Glosbe has remained silent on the incident, and attempts to obtain an official statement have been unsuccessful.
Researchers emphasize the severity of the exposed database, highlighting the risks users face, including identity theft, phishing attacks, and unauthorized account access. As the largest online dictionary platform, operating similarly to Wikipedia with community contributions, Glosbe’s breach underscores the growing challenges and consequences of cybersecurity vulnerabilities in widely-used online services.
Reference:
