- Unsecured Netcore database exposed 40 billion records, including emails and banking notices
- Researcher Jeremiah Fowler discovered the 13TB database open without password protection
- Netcore secured the database after contact; duration of exposure is unknown
More than 40 billion data records, including people’s emails, IP addresses, and banking activity notices, were leaking online.
Earlier this week, security researcher Jeremiah Fowler found a large, unencrypted database, exposed online without any password protection, leaving sensitive records accessible to anyone with an internet connection. The database weighed approximately 13 terabytes, and belonged to an Indian marketing company called Netcore Cloud Pvt. Ltd.
Only an internal audit could confirm if the database was accessed by any cybercriminals. Fowler confirmed it was also possible that a third party was managing the database on behalf of Netcore.
Major company
Analyzing a sample of the information stored in this database, Fowler found plenty of sensitive, personally identifiable information - which could leave those affected at risk of identity theft or fraud.
That included bank notifications, employment-related messages, account verification emails, marketing messages, healthcare notifications, banking activity notices, mail log records (with email addresses and message subjects), partial account numbers, IP addresses, data labeled as “production”, and many records “marked as confidential”.
After identifying the database’s owner, Fowler reached out, and the company locked it down on the same day, thanking the researcher for the tip. He stressed that it is not known for how long the database remained open, or if any malicious actors found it before he did.
Netcore is a rather large marketing organization. It provides cloud-based tools that help businesses communicate with customers across digital channels, mainly through email, SMS, WhatsApp, push notifications, and in-app messages, while tracking and optimizing those interactions using AI and automation.
It is based in Mumbai, India, but has offices around the world, including Malaysia, UAE, the UK, and elsewhere, serving more than 6,500 customers around the world, including major names such as Flipkart, Disney Hotstar, McDonald’s, and others. According to some sources, Netcore hit $100 million in revenue, and 5,000 customers in 2024.
Via Website Planet
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
You might also like
- Nearly 150,000 patient records exposed in major healthcare data breach - here's what we know
- Take a look at our guide to the best authenticator app
- We've rounded up the best password managers
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.