1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Anti-vax dating site exposed data of thousands of users

    From TechnologyDaily@1337:1/100 to All on Tue Jul 26 16:30:04 2022
    Anti-vax dating site exposed data of thousands of users

    Date:
    Tue, 26 Jul 2022 15:03:15 +0000

    Description:
    Website misconfiguration leads to the exposure of sensitive data on 3,500 vaccine deniers.

    FULL STORY ======================================================================

    A misconfiguration in the admin dashboard of Unjected, a dating site built
    for people who do not want to get vaccinated against Covid-19, has left sensitive data of its entire userbase compromised, the media reported earlier this week.

    A cybersecurity researcher going by the name GeopJr recently reached out to the Daily Dot and demonstrated that the misconfiguration allowed him, or anyone else who knew where to look, to become the sites administrator.

    GeopJr demonstrated that the site was published live with the debug mode turned on. This is a mode used by software developers while the site is still under construction, and as such, comes with a wide array of sets and
    features. Such a mode should never be turned on by default, in a deployed application, the publication stresses. Accessing the database

    As an admin, the user can change pretty much anything on the site, add or remove pages, edit, or delete, all of the posts, as well as the sites
    backups.

    The admin also has access to the entire user database and all of the details listed in there which, in this particular case, include names, dates of
    birth, email addresses, and (optionally), postal addresses.This data can be abused for identity theft , for example.

    The dating site counts some 3,500 users, whose sensitive data have now been exposed. Read more

    AMD is investigating a serious potential data breach


    Top data breaches and cyber attacks of the year so far


    Here are the best data loss prevention services right now

    It may be a small site, but its ambitions are quite big - as dating intermediation is just one of the services offered on the site, another one being fertility, where users can donate their semen, eggs, or breastmilk. Theres also a blood bank service, the publication has found, where people can donate blood. Both of these services are advertised as mRNA-free.

    The Unjected app is currently only available on the Google Play Store, as it was kicked from Apples App Store for violating the companys Covid-19 content policies. On Android, it appears to have more than 10,000 downloads. These
    are the best firewalls around

    Via: The Daily Dot



    ======================================================================
    Link to news story: https://www.techradar.com/news/anti-vax-dating-site-exposed-data-of-thousands- of-users/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)