Chinese Socialarks leaks social profiles of 214 million users
Article continues below
Topics: CHINESE SOCIALARKS
The privacy snafu occurred at social media management firm Socialarks, which suffered a similar incident in August last year when 150 million users were exposed, according to Safety Detectives.
This time, a team led by Anurag Sen came across an Elasticsearch database left completely open without any password protection or encryption, during a routine IP scan.
The 408GB trove contained over 318 million records in total, although the exact number of users affected is still not known given the size of the leak. What the researchers do know is that it was illegally scraped from social media profiles on Facebook, Instagram and LinkedIn, contrary to the policy on those sites.
They discovered nearly 12 million Instagram user profiles, including names, phone numbers, usernames, email addresses, profile pictures and locations.
The trove also contained data on 82 million Facebook profiles including full names, email addresses, phone numbers, Messenger IDs, pictures and more.
Finally, the researchers uncovered 66 million LinkedIn user profiles containing full names, email addresses, job profiles and company names, amongst other data points. ■