Personal Details of 1M Dating App Customers Leaked – Security expert comments

Expert(s): Security Experts July 7, 2020

It was reported over the weekend that breaches occurred in five dating apps, leaking PI on more than 1 million users, attributed to misconfigurations of various servers: Amazon buckets, ElasticSearch, and MongoDB.

Experts Comments

Dot Your Expert Comments

Casey Kraus

July 07, 2020

President of Cloud Security Management Provider

Senserva

There is always a shared responsibility for security between the cloud provider and the company.

Companies that store their data in cloud environments need to have misconfigurations to be the focus of the security conversation. There is always a shared responsibility for security between the cloud provider and the company. Failure to ensure that your environment is secure will continue to put your company and your client's information as risk. It is said that 99% of data breaches in cloud environments happen due to customer misconfiguration, mismanagement, or mistakes.

Colin Bastable

July 07, 2020

CEO

Lucy Security

ElasticSearch databases are probably the primary sources of data leaks, because of misconfigurations when set up.

ElasticSearch databases are probably the primary sources of data leaks, because of misconfigurations when set up. For example, the front end UI is often secured with authentication, but admins forget that the default port 9200 is also visible and accessible online, meaning that unprotected ElasticSearch databases can leak data via the backdoor. Having built the database, the developers probably forgot all about patching it, focusing on the front end’s ease-of-use to drive user engagement and.....Read More

Dot Your Expert Comments

Only for registered and approved experts. Please register before providing comments. Register here

Your Comments Headline (max 150 Char)

Your Comments:

Your Email:

* By using this form you agree with the storage and handling of your data by this web site.

Submit

Bill Connor, CEO, SonicWall

"That hackers are targeting universities during this especially delicate time will come as no surprise to any business leader. "

UK Minister Raab Wakes Up to Aggressive Cyber-Attacks Targeting British Education Sector

Baber Amin, COO, Veridium

"If access was obtained via a stolen credential, that will make it a bit more challenging to track. "

~200K US Military Vets’ Medical Records Leaked by 3rd Pty – Cyber Experts’ Perspectives

Tom Garrubba, Senior Director and CISO, Shared Assessments

"It is possible that a ransomware incident and the exposed databases are related. "

~200K US Military Vets’ Medical Records Leaked by 3rd Pty – Cyber Experts’ Perspectives

Dr. Chenxi Wang, General Partner, Rain Capital

"Instead of encrypting data and ask for a ransom, more ransomware attacks have been threatening to expose data instead. "

~200K US Military Vets’ Medical Records Leaked by 3rd Pty – Cyber Experts’ Perspectives

Saryu Nayyar, CEO, Gurucul

"All in all, this is a troublesome discovery, especially given the sensitivity of the data. "

~200K US Military Vets’ Medical Records Leaked by 3rd Pty – Cyber Experts’ Perspectives

Sam Curry, Chief Security Officer, Cybereason

"Asymmetry in cyber conflict is more and more favouring attackers as they hone their skills and tools. "

Experts Responses on Verizon DBiR Findings

Dan Conrad, Field Strategist, One Identity

"\"85 percent of breaches involved a human element” – again, Identity is the security perimeter. "

Experts Responses on Verizon DBiR Findings

Eoin Keary, CEO and Cofounder, Edgescan

"It is ever more important for the cybersecurity industry to come together and join forces to fight the challenges facing organisations today. "

Experts Responses on Verizon DBiR Findings

Adam Enterkin, SVP, EMEA, BlackBerry

"Humans and tech must work hand in hand. "

Experts Insight On US Pipeline Shut After Cyberattack

Christine Gadsby, VP of Product Security, BlackBerry

"The only way to keep the enemy out is to ensure you have good cyber hygiene practices in place. "

Experts Insight On US Pipeline Shut After Cyberattack

Terry Olaes, Technical Director, Skybox Security

"Hackers now see critical infrastructure as low-hanging fruit. "

Experts Insight On US Pipeline Shut After Cyberattack

Jake Moore, Cybersecurity Specialist, ESET

"The effort undertaken to attack the new AirTag was intensive and impressive, but tracking people must not be taken lightly. "

Expert Reaction On Researcher Proves AirTags Can Be Hacked

Matt Trushinski, Technical Director, Arctic Wolf

"This situation illustrates a growing security crisis. "

Experts Insight On US Pipeline Shut After Cyberattack

Miles Tappin, Vice President, EMEA, ThreatConnect

"Critical infrastructure cybersecurity must adopt a risk-led security strategy. "

Experts Insight On US Pipeline Shut After Cyberattack

Baber Amin, COO, Veridium

"Ransomware gangs have caught on to this naïve approach and are happy to exploit it. "

Babuk Ransomware Gang Again Threatens DC Police Data Release

Personal Details of 1M Dating App Customers Leaked – Security expert comments

Experts Comments

Dot Your Expert Comments

You may also like