PhotoSquared data leak leaves 94.7GB of customer data exposed online including names, addresses
Just for perspective, some top-end smartphones come with 128GB of storage. The customer data leaked online by the popular photo app is a little less than all the data that can be saved on one such smartphone
Researchers recently discovered that a popular photo app called PhotoSquared leaked personal data and images of thousands of customers. This leak happened as a result of an 'unsecured' Amazon Web Services (AWS) storage bucket.
The discovery of this leak was made by vpnMentor who found that a misconfigured s3 database belonging to PhotoSquared was left online without any password protection.
PhotoSquared creates printed photo boards from customers' digital images.
The S3 database had 94.7GB of data and contained more than 10,000 records from November 2016 to January 2020 including photos, order records, receipts, shipping labels etc.
Full names and home delivery addresses of PhotoSquared's customers were left exposed online in the leak and any hacker could use this information.
Also Read: Facebook's Twitter, Instagram and Messenger accounts hacked by OurMine
According to vpnMentor, "PhotoSquared's reputation could suffer as a result of the data leak and the company could also face compliance fines", reports TechRadar. Additionally, in the report detailing its investigation, vpnMentor noteed that PhotoSquared customers could be targeted by both hackers and thieves, saying:
"By combining a customer's home address with insights into their personal lives and wealth gleaned from the photos uploaded, anyone could use this information to plan robberies of PhotoSquared users' homes. Meanwhile, PhotoSquared customers could also be targeted for online theft and fraud. Hackers and thieves could use their photos and home addresses to identify them on social media and find their email addresses, or any more Personally Identifiable Information (PII) to use fraudulently."
This data leak was found through a simple port scanning exercise but thankfully PhotoSquared was able to fix the leak within just 10 days after the company was contacted by the researchers.
Also Read: Researcher discovers WhatsApp bug that allowed hackers to access files on your PC
Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.