Digital Point exposed the data on a misconfigured Elasticsearch database.
The self-proclaimed world’s biggest webmaster forum and marketplace for web services, Digital Point is yet another entity in the line of fire. Jeremiah Fowler, a security researcher and co-founder of Security Discovery along with WebsitePlanet discovered an unprotected Elasticsearch database belonging to Digital Point that exposed 863,412 user’s data and information.
Digital Point located in San Diego, California provides a range of services including Search Engine Optimization (SEO), analytics, advertising and even letting people buy and sell websites. Besides this, the huge marketplace brings together, freelancers, service providers, and marketers together.
See: 9,517 unsecured databases identified with 10 billion records globally
Security and data breaches have become an everyday occurrence. For users whose data has been exposed, feel violated, targeted, and frustrated, to say the least. Pertaining to this incident, the user’s name, email address. Internal IDs and records and user posts have been exposed.
This is a rather critical mistake on the company’s part especially when your clientele is spread across the globe, just as Digital Point claims. Loss of reputation and customers and subsequent litigation can ensue a serious impact.
However, Fowler, discovered that the non-password protected Elasticsearch database was readily open and visible on any publicly accessible browser. If in the wrong hands, the data could have easily been edited, downloaded, or deleted without any administrative credentials in pursui ..
Support the originator by clicking the read the rest link below.
