Hosting Provider Exposed 63M Records incl. WP & Magento
I missed this report from Jeremiah Fowler the other day:
On October 5th I discovered a non-password protected database that contained a large amount of monitoring and system logs. There were records indicating data backups, monitoring, error logging, and more. Upon further research, the database appeared to belong to the Texas-based cloud application hosting provider, Cloud Clusters Inc. According to their website, they have 4 data center locations that include: Bend, Oregon, Charlotte, North Carolina, Denver, Colorado, and Dallas, Texas.[…]
It is unclear if Cloud Clusters Inc had notified customers or authorities regarding the exposure.
Emails and passwords in plain text are a potential nightmare waiting to happen.
I saw user/password credentials for Magento, WordPress accounts, and MySql.
Read more on Secure Thoughts.