Babysitting app suffers ‘temporary data breach’ of 93,000 users

John E. Dunn reports:

Babysitting-booking app Sitter “temporarily” exposed the personal data of 93,000 account holders, according to a researcher who recently discovered the trove of data using the Shodan Internet of Things (IoT) search engine.

In a LinkedIn post, Bob Diachenko explains how he found the 2GB MongoDB database on August 13, which contained phone numbers, addresses, transaction details, phone book contacts, partial credit card numbers, and encrypted account passwords.

Other information included in-app chat and notification history, plus details of which users needed a babysitter at what time and at which address.

Read more on Naked Security.

About the author: Dissent

Comments are closed.