Casino app “Clubillion” leaks users’ personal information
Researchers at vpnMentor have revealed that an unsecured Elasticsearch database leaked data on millions of global gambling app users.
The leaking database was hosted on AWS. The research team found that the unsecured data included personal information such as emails, private messages and IP addresses. Unlike other unsecured databases that have been discovered this one was receiving millions of new lines of data daily. The database was reported to Clubillion and AWS and finally secured in early April.
Leaked personal information is often exploited by cyber criminals. It can be used, for example, to target individuals in phishing campaigns where more personal or financial information may be sought.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.