Renowned cybersecurity researcher Jeremiah Fowler uncovered a non-password-protected database having over 1.1 million records linked to Conduitor Limited (Forces Penpals). This platform provides dating services and social networking for US and UK military personnel and their supporters.
Source: VPNmentor
Jeremiah Fowler revealed that the publicly accessible database lacked password protection and encryption. It comprised a staggering total of 1,187,296 documents. In a brief review of the contents, it was noted that the majority of the documents were user images, alongside other potentially sensitive proof of service photos.
Cybersecurity researcher Jeremiah Fowler discovered an unsecured database with 170,360 records belonging to a real estate company. It contained personal...
GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel's IKE affecting UDP port 500. The attack centers around CVE-2023-28771,...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included two high-risk vulnerabilities in its Known Exploited Vulnerabilities (KEV)...
SoftBank has disclosed that personal information of more than 137,000 mobile subscribers—covering names, addresses, and phone numbers—might have been leaked...
The documents contained full names, mailing addresses, Social Security Numbers, National Insurance Numbers, and Service Numbers. They also included sensitive details like rank, branch of service, dates, and locations that must remain confidential.
Fowler stated that the dataset was from Forces Penpals, a dating service and social network for military members and their supporters. The researcher reported an issue to the authorities, who restricted access of the dataset on the next day.
It is not clear how long the dataset was publicly available. Only an internal forensic audit can reveal any additional access or suspicious activity.