Cloud Security, Cloud Security

Gaming platform’s misconfigured cloud server led to exposure of 23 million records

VIPGames, an online platform that provides for free classic board and card games, exposed more than 23 million records for more than 66,000 users, reported Threatpost. The exposure was discovered by researchers with WizCase when scanning the internet for open servers. Among the records exposed were usernames, emails, IP addresses, hashed passwords, Facebook, Twitter and Google IDs, bets and even data on players who were banned from the platform. VIPGames  acknowledged in a statement an issue that potentially exposed user profiles. “We would like to clarify that this was a temporary misconfiguration, NOT an attack, hack, or breach," the company stated. "There are no records of any data being leaked. This misconfiguration was disclosed to us by a team of white hat penetration testers,” the company publicly stated. “The misconfiguration was resolved in less than two hours. Information about this was responsibly disclosed by the team at WizCase – cyber security research team.”

Related

LockBit-leaked DC city agency data from third party

Washington, D.C.'s Department of Insurance, Securities and Banking has disclosed that 800GB of data claimed to have been stolen by the LockBit ransomware operation was obtained from an attack against third-party software provider Tyler Technologies following the ransomware gang's threats to expose 1GB of the exfiltrated data to coerce the agency into providing the demanded ransom, reports The Record, a news site by cybersecurity firm Recorded Future.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.