Pabbly Email Marketing Exposes 51.2 Million Records Online
Jeremiah Fowler reports:
Email marketing is big business and many companies rely on emails to keep in contact with their customers or potential customers. In the modern world of over priced pay per click ads targeted email marketing lists are the holy grail of an organization’s marketing strategy. This customer data is equally as valuable as the products or services the company provides.
On January 24th I discovered an open and publicly accessible database that contained millions of records and a massive amount of email addresses.
Read more on SecurityDiscovery. The company responded quickly to Jeremiah’s notification, but it seems that they never sent him any thank you or even an acknowledgement.
It is unclear how long the data was exposed or who else may have gained access to it before I responsibly disclosed my discovery to the Pabbly email marketing. It is also unclear if the affected customers or the authorities were notified of the exposure. Pabbly is located in Bhopal, Madhya Pradesh, India. According to their website Pabbly is used by 100K+ businesses that includes Harvard University, The Guardian, Uber and others At the time of publication no reply or statement has been given by Pabbly.
Another firm in India with a leak and we’re not sure if anyone will be notified because of the lack of strong laws in India.