CyberNews Briefs

Misconfigured Cloud Server Exposes 66,000 Gamers

Roughly 30GB of data impacting tens of thousands of users has been exposed due to a misconfigured Elasticsearch server owned by popular gaming site The site has 100,000 Google Play downloads and boasts 20,000 active daily players globally. Researchers at WizCase found the server, which contained no encryption or password protection. 23 records were exposed, including information such as usernames, device details, hashed passwords, Facebook IDs, IP addresses, and in-game transaction details.

In total, 66,000 separate users potentially had sensitive information exposed to bad actors on the web due to the misconfigured server. However, there are no signs of access so far. The information could be used to conduct convincing phishing attacks against the victims. VIPGames offers card games and others such as Crazy Eights, Rummy, Dominoes, Backgammon, Ludo, and Yatzy.

Read More: Misconfigured Cloud Server Exposes 66,000 Gamers

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.