Website Planet Security Team
Website Planet is the number one resource for web designers, digital marketers, developers, and businesses with an online presence.
Our team of ethical security research experts uncovers and discloses serious data leaks as part of a free community service we perform for the web at large.
Blog Posts
Millions of Users’ Website Traffic Exposed in Data Breach
Company name and location: Unknown Size (in GB and amount of records): Around 359M records, 579.4 GB of data Data Storage Format: ElasticSearch Countries Affected: Worldwide The Website Planet research team discovered a critical data exposure affecting an organization using an open-source data analytics software that allows entities to gather...
Report: US Marketing Platform Exposed Millions of Leads’ Data
Company name and location: Beetle Eye, located in the USA Size (in GB and amount of records): 1+ GB of data, 6K files People affected: 7 Million (approx.) Data Storage Format: Amazon S3 bucket Countries Affected: Primarily USA The Website Planet research team uncovered a large data breach affecting the American marketing automation platform Beetle Eye. Beetle...
Report: Conferencing Service Exposes Private Customers’ Meetings
Company name and location: Civicom Inc., located in the USA Size (in GB and amount of records): 100,000+ files, over 8TB Data Storage Format: AWS S3 bucket Countries Affected: USA The Website Planet security team uncovered a data breach affecting the B2B conferencing service Civicom Inc. The US firm, which specializes in online video conferencing, left its...
Report: US Supply-Chain Platform Exposes Sensitive Data of Businesses
Company name and location: ePallet Inc., located in CA, USA Size (in GB and amount of files): Over 2.5 million files, totalling 600+ GB of data No. of Companies Affected: 100 to 200 businesses Data Storage Format: Amazon S3 bucket Country Affected: USA Intro The Website Planet research team identified a data exposure affecting the...
Report: US Logistics Company Exposes Fortune 500 Clients
Company name and location: D.W. Morgan, headquartered in the USA Size (in GB and amount of records): 100+ GB of data, over 2.5 million files Data Storage Format: AWS S3 bucket Countries Affected: Worldwide The Website Planet security team discovered a data breach affecting D.W. Morgan, a multinational supply chain management and logistics company based in the...
Report: French Estate Agency Leaks Thousands of Customer Files
Company name & location: GSI Immobilier, located in France Size (in GB and amount of records): 2 GB of data, 1342 records Data Storage Format: Microsoft Azure Blob Countries Affected: France & England The Website Planet research team can reveal a damaging data leak belonging to the French real estate agency, GSI Immobilier. GSI Immobilier is an Alpine...
Huge U.S. Supermarket Chain Exposes Sensitive Credentials
Company name and location: Wegmans, based in the USA Size (in GB and amount of records): 626 MB (No. of records unknown) Data Storage Format: Microsoft Azure Blob Countries Affected: USA (but only company technical data) The Website Planet research team has uncovered a data breach affecting the U.S. regional supermarket and eCommerce chain Wegmans. Wegmans is a...
Report: Multinational Logistics Company Exposed Customers’ in Data Breach
Company name and location: Bergen Logistics, located in the USA, Canada, Europe & Asia. Size: Less than 100 MB, exposing 467,979 records Data Storage Format: Elasticsearch Countries Affected: USA The Website Planet security team uncovered a data leak affecting Bergen Logistics, a rapidly-growing order fulfillment provider based...
Report: Indian Cloud Infrastructure Company Leaves Customer Data Exposed
Originally published on October 23th, 2019 Company: E2E Networks Hosting (formerly Spikecloud) Severity: High Type: ElasticSearch Database Size: 8GB, amounting to 21,682,731 records exposed Countries Affected: Primarily India Our security research team at Website Planet has discovered a large database breach on the severs of Cloud Infrastructure company E2E...
Report: US Shipping Management Software Exposed by Data Breach
Company name and location: Unknown Breach size: 4,361 files exposed (103 GB) Number of people exposed: 4,000+ Data Storage Format: AWS S3 Bucket Countries Affected: United States A US-based software company in the freight industry has been exposed in a 103GB data breach, affecting more than 4,000 people including the company’s employees, sales reps and people...
Report: UK Recruitment Firm Leaked Sensitive Applicant Data
Company name and location: FastTrack Reflex Recruitment (now part of Team Resourcing Ltd.), based in the United Kingdom. Size: 5 GB of data leaked, with 21,000 exposed files. Data Storage Format: AWS S3 Bucket. Countries Affected:Primarily affected UK citizens, though some people were from Europe, Western Asia, and the US. The Website Planet research team...
Report: UK marriage tax relief specialist Exposes Customers’ Personal Information In Data Leak
Originally published on December 11th, 2020 Company name and location: Marriage Tax Allowance Ltd, based in the United Kingdom Leak size: Over 100,000 files totaling approximately 5GB of data Number of people exposed: >100,000 Data Storage Format: Directory Listing in the form of PDF documents Countries Affected: United Kingdom A UK-based company...
Report: Retail-focused Used Electronics Business Leaks Customers’ IDs & Fingerprints in Data Breach
Originally published on November 17th, 2020 Company name and location: TronicsXchange, Inc based in California, US. Leak size: Over 2.6 million files (including 80,000 identification photos and approximately 10,000 fingerprint samples). Number of people exposed: 80,000+ Data Storage Format: AWS S3 Bucket Countries Affected: United States A US-based used...
Report: Romanian Real Estate Portal Suffers Crippling Data Breach
Originally published on January 29th, 2021 Company name and location: Imobiliare, based in Romania Breach size: 201,087 files Number of people exposed: Approximately 200,000 Data Storage Format: AWS S3 Bucket Countries Affected: Romania The largest real estate portal in Romania, Imobiliare, has suffered a data breach that could potentially affect its entire...
Trump 2020 Campaign Exposed to Attack via App
Led by renowned cybersecurity analysts Noam Rotem and Ran Locar, our security research team recently discovered a security vulnerability in US President Donald Trump's mobile campaign app. The team discovered the keys to various parts of the app, including its Twitter API. Trump App Data Exposed The reelection app exposed the information below in the Android APK...