AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Firebase: 19 million credentials exposed due to a simple error

A large-scale misconfiguration puts the personal information of millions of users at risk

A breach in Firebase exposed 19 million passwords and 125 million sensitive data. Analyzing over 5 million domains, 916 vulnerable platforms were found with 223 million records at risk. Only 1% of the companies contacted responded. The urgency of improving security measures is highlighted.

This pill is also available in Italian language

A serious error in the configurations of Firebase, a service offered by Google for managing databases, cloud computing and app development, led to the exposure of 19 million passwords without any protection. This incredible security flaw was discovered by a trio of cybersecurity specialists known in the digital world as Logykk, xyzeva/Eva and MrBruh. The latter conducted in-depth investigations, tracing the evident expression of 125 million sensitive data, including emails, names, contact numbers and financial details of their users.

Large-scale reconnaissance reveals poor security measures

Through an analysis involving more than 5 million web domains, it was revealed that 916 platforms, belonging to various business sectors, showed serious gaps or even absences in security precautions. The outcome of the investigation, which took approximately 1 month, was the identification of 223 million unattended records, with a substantial portion of this data leading back to the personal information of approximately 124.6 million individuals. This estimate, considered conservative by researchers, emphasizes the potential magnitude of the risk faced by users.

Unsuccessful communication and obvious case study

The team of researchers took the initiative to inform affected companies, sending 842 emails over the course of 13 days. However, only 1% responded. A notable case that emerged during the analysis was that of a well-known gambling network in Indonesia, which was found to be the largest source of vulnerable banking information, with 8 million banking records and 10 million passwords compromised.

Consequences and invitation to improve security measures

The investigation conducted by Logykk, xyzeva/Eva and MrBruh highlights the imperative need to maintain secure configurations in cloud platforms. Developers and organizations are strongly encouraged to adhere to strong security standards to prevent future data exposures and ensure user privacy is protected. This episode serves as a wake-up call for the IT industry, prompting an immediate review of security policies.

Follow us on Instagram for more pills like this

03/20/2024 20:22

Editorial AI

Last pills

Large-scale data leak for Dell: impacts and responsesData of 49 million users exposed: IT security and privacy concerns

Microsoft strengthens cybersecurityNew policies and accountability measures to strengthen cybersecurity at Microsoft

"Emerging Threat: Social Media Platforms Vulnerable to New Exploit"New critical exploit discovered that threatens the security of millions of users of social platforms

Critical VPN flaw discovered: the TunnelVision attackA new type of DHCP attack threatens the security of VPN networks by exposing user data