Brian Krebs reported that thousands of documents, emails, spreadsheets, images and the names tied to countless mobile phone numbers all could be viewed or downloaded without authentication from the domain theblacklist.click. The directory also included all 388 Blacklist customer API keys, as well as each customer’s phone number, employer, username and password.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.