Data from millions of Brazilians exposed in Wi-Fi management software firm leak
The data of millions of Brazilians have been exposed by WSpot, a software provider that enables businesses to secure on-premise Wi-Fi networks and allow password-free online access to customers. The leak was discovered by SafetyDetectives after researchers found WSpot’s misconfigured Amazon Web Services bucket left exposed. The bucket contained 10GB of data. Researchers contacted WSpot on September 7 to notify them of the leak, and the database was secured the following day.
The database contained 226,000 files including personal information from roughly 2.5 million individuals who connected to public Wi-Fi networks provided by WSpot clients. WSpot provides services for clients such as Pizza Hut, Sicredi, and Unimed. SafetyDetectives stated that the information included details supplied by individuals in order to access the Wi-Fi services, including email addresses, full names, addresses, and taxpayer registration numbers. WSpot confirmed the leak, stating that it was caused by a lack of standardization in the management of information stored in the bucket.