Blog Posts
Over 170k Records, Including PII Exposed in Real Estate Investment and Management Data Breach
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet about an unencrypted and non-password-protected database that contained 170,360 records. The database, which presumably belongs to a real estate management and investment company, held PII, SSNs, and other internal potentially sensitive information. The publicly exposed database was not...
Suspected InfoStealer Malware Data Breach Exposed 184 Million Logins and Passwords
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet about a non-password-protected database that contained 184 million login and password credentials. The publicly exposed database was not password-protected or encrypted. It contained 184,162,718 unique logins and passwords, totaling a massive 47.42 GB of raw credential data. In a...
Over 20 Thousand Medical Records With PII and Patient Info Exposed in Health Data Breach
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet about a non-password-protected database that contained 21,344 records. The publicly exposed database was not password-protected nor encrypted. It contained 21,344 records with a total size of 6.99 GB. The name of the database indicated that it was an FTP storage repository. In a...
Thousands of Driver’s Licenses, Bank Documents & PII Exposed in Australian Fintech Data Breach
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet about a non-password-protected database that contained 27,000 records belonging to Vroom by YouX — an Australia-based Fintech company that facilitates automotive financing. The publicly exposed Amazon S3 database was not password-protected or encrypted. It contained 27,000 records,...
Thousands of Records, Including PII, Exposed Online in Healthcare Marketplace Connecting Facilities and Nurses Data Leak
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet about a non-password-protected database that contained over 86,000 records belonging to ESHYFT — a New-Jersey-based HealthTech company that operates in 29 states. It offers a mobile app platform that connects healthcare facilities with healthcare workers, including Certified Nursing Assistants...
Nearly 1 Million Records Exposed In Multiple Airport Lost and Found Data Breach
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet about a non-password-protected database that contained 820,750 records belonging to Lost and Found Software — a Germany based company offering lost and found tracking and return services for multiple airports in the US, Canada, and Europe. I recently discovered a single publicly exposed...
1.6 Million Clinical Research Records With PII and Patient Medical Info Exposed in Data Breach
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet about a non-password-protected database that contained over 1.6 million records belonging to DM Clinical Research — a Texas-based network of clinical trial sites that partners with pharmaceutical companies and medical organizations to conduct research studies and surveys. The publicly...
Hundreds of Thousands of Records Exposed Online in FinTech Bill Pay Platform Data Breach
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet about a non-password-protected database that contained over 240,000 records belonging to Willow Pays — a payment software company offering AI software solutions to allow users to finance bills and other payments. The publicly exposed database was not password-protected or encrypted. It...
One of the Biggest Website Hosting Providers, DreamHost, Leaked 814 Million Records Online Including Customer Data
A database owned by DreamHost, DreamPress managed WordPress hosting, was publically accessible online. 3 Years of DreamPress Customer and User Data Exposed Online On April 16th, 2021 security researcher Jeremiah Fowler together with the Website Planet research team discovered a non-password protected database that contained just under one billion records. The exposed...
Development Platform Builder.ai Exposed Over 1.2 TB of Data Containing More Than 3 Million Records
Cybersecurity researcher, Jeremiah Fowler, discovered and reported to Website Planet about a non-password-protected database that contained more than 3 million records belonging to Builder.ai — a London-based company offering AI software and app development solutions without any technical knowledge or coding skills. The publicly exposed database was not...
Over 600,000 Records, Including Background Checks, Vehicle, and Property Records Exposed Online by an Information Service Provider
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet about a non-password-protected database that contained more than 600K records belonging to SL Data Services/Propertyrec — an information research provider that offers real estate ownership data and criminal records search information. The publicly exposed database was not...
2 Million Records, Including the PII of Job Seekers, Exposed Online by a Tech Recruitment Service
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet about millions of non-password-protected files that contained the PII of an estimated 200,000 job seekers in the technology sector. The records belonged to Alltech Consulting Services — a company that matches job seekers from around the world with employers throughout the United States and...
31 Million Records Exposed Online by Sports Technology Company
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet about a non-password-protected database that contained 31 million records belonging to TrackMan — a software provider that offers swing and shot analysis technology for professional and amateur golf players. The publicly exposed database was not password protected or encrypted and...
Nearly One Million Documents Exposed By Software Provider for the Petroleum and Fuel Industry
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to WebsitePlanet about a non-password-protected database that contained 780,000 records belonging to FleetPanda — a technology provider offering dispatch management, driver app, reporting and analytics, invoicing, and more. The database contained documents such as invoices, driver applications, images of...
Nearly 32 Million Documents, Invoices, Contracts, and Agreements Exposed Online by Global Field Service Management Provider
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to WebsitePlanet about a non-password-protected database that contained 31.5 million records belonging to ServiceBridge — a technology company that offers field service management for businesses. The database contained contracts, work orders, invoices, proposals, and more from companies worldwide. The...