Renowned cybersecurity researcher Jeremiah Fowler uncovered a non-password-protected database having over 1.1 million records linked to Conduitor Limited (Forces Penpals). This platform provides dating services and social networking for US and UK military personnel and their supporters.
Source: VPNmentor
Jeremiah Fowler revealed that the publicly accessible database lacked password protection and encryption. It comprised a staggering total of 1,187,296 documents. In a brief review of the contents, it was noted that the majority of the documents were user images, alongside other potentially sensitive proof of service photos.
The Qualys Threat Research Unit (TRU) found two local information-disclosure vulnerabilities in Apport and systemd-coredump. Both issues are race-condition vulnerabilities....
Cybersecurity researchers recently revealed a coordinated cloud-based scanning attack that targeted 75 different exposure points earlier this month. On May...
Recent security research has shown that attackers can weaken zero-trust security frameworks by exploiting a key DNS vulnerability, disrupting automated...
Security researchers have discovered a database with 184 million account credentials, highlighting the need to update compromised passwords, strengthen weak...
The documents contained full names, mailing addresses, Social Security Numbers, National Insurance Numbers, and Service Numbers. They also included sensitive details like rank, branch of service, dates, and locations that must remain confidential.
Fowler stated that the dataset was from Forces Penpals, a dating service and social network for military members and their supporters. The researcher reported an issue to the authorities, who restricted access of the dataset on the next day.
It is not clear how long the dataset was publicly available. Only an internal forensic audit can reveal any additional access or suspicious activity.