Articles by SafetyDetectives Cybersecurity Team

SafetyDetectives Cybersecurity Team

The SafetyDetectives research lab is a pro bono service that aims to help the online community defend itself against cyber threats while educating organizations on how to protect their users’ data. The overarching purpose of our web mapping project is to help make the internet a safer place for all users

Could your baby monitor be unsafe and unsecured?
Could your baby monitor be unsafe and unsecured?
The SafetyDetectives cybersecurity team has discovered a vulnerability affecting baby monitors, provoked by their misapplication/misconfiguration, which provides potentially harmful parties with unauthorized access to each camera’...
Report: Job Portal Database Exposed
Report: Job Portal Database Exposed
SafetyDetective’s research lab discovered a leak online that exposed an elastic server containing 3GB of data with over 1.6 million users affected. We informed the apparent owners of this database as soon as we were able to identi...
Cashback Sites Leak Unencrypted Passwords, Bank & Other Sensitive User Data
Cashback Sites Leak Unencrypted Passwords, Bank & Other Sensitive User Data
The security research team at Safety Detectives has uncovered yet another data leak worth 2 terabytes of data hosted on an Elastic Server. Affecting savvy shoppers in both India and the U.K., sister sites Pouringpounds.com and Cas...
French Subscribers to Famous News Site at Risk from Hacking, Fraud
French Subscribers to Famous News Site at Risk from Hacking, Fraud
The security research team at Security Detectives, led by Anurag Sen, has uncovered a significant data leak from French daily newspaper Le Figaro. Hosted on an Elasticsearch server owned by Poney Telecom in France, the leaking dat...
Cybersecurity vulnerability at major cosmetics brand leads to 7 gigabytes+ data leak
Cybersecurity vulnerability at major cosmetics brand leads to 7 gigabytes+ data leak
One of the world’s well-known cosmetic brands has been informed that a significant data breach was discovered on its web server, which was found to be publicly exposed, without password protection or encryption. Our security team,...
Brazil: Millions of Records Leaked, Including Biometric Data
Brazil: Millions of Records Leaked, Including Biometric Data
The security research team at SafetyDetectives has discovered a significant data leak in addition to other security flaws (such as lack of password protection) relating to fingerprint data on an Antheus log server in Brazil. Our t...
Australian sports fan portal leaks 132GB of private data
Australian sports fan portal leaks 132GB of private data
An active Australian sports fan site with over 100,000 members has leaked a large volume of private data. Our security team discovered multiple instances of personal private information made available to the public within the comp...
Major German shopping site leaks customer data
Major German shopping site leaks customer data
A publicly-listed multinational retailer with millions of dollars in annual revenues was discovered to be operating a completely unsecured server, thereby publicly exposing private data belonging to around 700,000 of its customers...
Quarter of a million customers exposed as Brazilian cosmetics brand suffers data leak
Quarter of a million customers exposed as Brazilian cosmetics brand suffers data leak
One of the leading online retailers in Brazil, Natura&Co, has been informed of a significant data leak within its website, https://www.natura.com.br. More than 250,000 customers that had previously ordered beauty products from the...
Dutch Fishing Outlet Exposes Hundreds of Thousands of Customers
Dutch Fishing Outlet Exposes Hundreds of Thousands of Customers
The SafetyDetectives cybersecurity team found an unsecured Microsoft Azure Blob Storage server belonging to retail outlet Raven Hengelsport (otherwise known as Raven Fishing B.V.), with PII for hundreds of thousands of customers l...