The leaky database, an Elasticsearch server, was discovered at the end of August by security researchers from vpnMentor.
The database was taken offline on September 3 after vpnMentor identified its owner as Mailfire, a business that supplies online marketing tools.
vpnMentor researchers stated that the database stored copies of push notifications that numerous websites were sending to their users via Mailfire’s push notification service.
Push notifications are real-time messages that companies can send to smart device or browser users who have agreed to receive such messages.
The leaky database held more than 882 GB of log files pertaining to push notifications sent via Mailfire’s service, with the logs being updated in real time as new notifications were sent.
In total, vpnMentor said the log files contained data for 66 million individual notifications sent over the previous 96 hours, with personal information for many thousands of users.
vpnMentor, which analyzed the leaked data while searching for the database owner, stated that it found notifications belonging to more than 70 sites.
Some of the sites were e-commerce shops and classified ad networks from Africa; however, the vast majority of notifications originated from domains connected to dating websites.
These dating websites promised men the chance to find a young female partner in different areas of the world, such as Eastern Europe or Eastern Asia.
Most of these websites used similar-looking designs and, while using various domains, seemed to be part of a larger network.
Without any doubt, the notifications sent by this network of dating websites were just spam, trying to entice users to return to the site by claiming that a new user had sent them a message.
But while spamming users with push notifications is not really an issue, especially if the users agreed to receive these messages, the problem was that personal information was also included.
According to copies of the exposed logs, the leaky Elasticsearch server didn’t only contain copies of the notifications; the logs also included a “debug” field that held personal information about the user receiving the notification.
Some of the information we found in these debug fields included names, age, gender details, email addresses, general geographic locations, and IP addresses.
The notifications also contained links back to the user’s profile, in case the user clicked or tapped on the notification. These links also contained authentication secrets, meaning anyone with this URL would have been able to access a user’s profile on the dating site without requiring a password.
Anyone who discovered this database during the previous few weeks would have been able to learn the identities of users who registered on these dating sites and access their profiles to read private messages or see past connections.
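An added example, not code from vpnMentor, Mailfire or the original article: a scrubber applied to each notification log record before it is written to a log store, dropping the debug personal-data fields and redacting authentication values in click-through links. The field and parameter names are assumptions, since the article does not publish the log schema.

```python
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Assumed field and parameter names; the article does not give the log schema.
PII_FIELDS = {"debug", "name", "age", "gender", "email", "geo", "ip"}
SECRET_PARAMS = {"token", "auth", "auth_key", "key", "session", "sig"}
REDACTED = "REDACTED"


def redact_url(url):
    """Replace the values of credential-bearing query parameters in a URL."""
    parts = urlsplit(url)
    query = [
        (k, REDACTED if k.lower() in SECRET_PARAMS else v)
        for k, v in parse_qsl(parts.query, keep_blank_values=True)
    ]
    return urlunsplit(parts._replace(query=urlencode(query)))


def scrub(value):
    """Recursively drop PII fields and redact secrets in URL strings."""
    if isinstance(value, dict):
        return {k: scrub(v) for k, v in value.items() if k.lower() not in PII_FIELDS}
    if isinstance(value, list):
        return [scrub(v) for v in value]
    if isinstance(value, str) and value.startswith(("http://", "https://")):
        return redact_url(value)
    return value


# Constructed sample record, not taken from the exposed data.
SAMPLE = {
    "notification_id": 1,
    "title": "You have a new message",
    "click_url": "https://dating.example/profile/42?auth_key=abc123&utm_source=push",
    "debug": {"name": "Test User", "email": "user@example.com", "ip": "203.0.113.7"},
}

if __name__ == "__main__":
    print(scrub(SAMPLE))
```

Secrets carried in the URL path rather than the query string are not covered by this scrubber. The more durable fix is to keep debug payloads out of production logs and to make notification links short-lived or require a login.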
As vpnMentor researchers have pointed out, this leaky server was a disaster waiting to happen. If this information leaks online, the users of these sites would probably face extortion attempts, similar to how Ashley Madison users faced blackmail attempts for years. These extortion attempts took a severe toll on Ashley Madison users, with some taking their own lives after their personal love life was exposed to the public.
Mailfire did not return a request for comment. Some of the dating websites that we found in the leaky server included Kismia, Julia Dates, Emily Dates, Asian Melodies, Ukrainian Charm, Asia Charm, JollyRomance, OneAmour, ValenTime, Rondevo, Victoria Brides, Loveeto, Oisecret, WetHunt, Cum2Date, Jolly.me, and many more.