Comic reading platform Mangatoon has suffered a data breach that exposed information belonging to 23 million user accounts after a hacker stole it from an unsecured Elasticsearch database.
Mangatoon is also a very popular iOS and Android app used by millions of users to read online Manga comics.
Read more at BleepingComputer.
Interestingly, the ES instance was not “unsecured,” but just so poorly secured that @Pompompurin, the owner of Breached.to, was able to access the data. In a statement to Bleeping, Pompompurin said he had emailed Mangatoon and they changed the credentials from “password” for the ES, but they do not seem to have notified their customers and never replied to Pompompurin. Nor, it seems, have they replied to Troy Hunt, Lawrence Abrams, and at least one other individual who was supposedly trying to contact them.