Exposed Personal Data of 10 Million Users Blogs | IEMLabs is a popular Christian faith app used for daily prayers and biblical audio content. It has been downloaded by several million users from the Play Store. Recently, has exposed personal data of 10 million users dating back to 2016.

Researchers at vpnMentor discovered four misconfigured AWS S3 buckets belonging to the company. Although it had made private around 80,000 files, it failed to replicate these security measures on its Cloudfront CDN, which also had access to the files. This means a hacker could have released personal information of 10 million people, most of whom were not even users.

As explained by vpnMentor the app did not install prper security measures on its CloudFront account and as a result of this, any files on the S3 buckets could be indirectly viewed and accessed through the CDN, regardless of their individual security settings.
The exposed database included profile pics from app users, CSV files from churches using the app, with the names, home and email addresses, phone numbers and other info on churchgoers and PII of individuals donating to churches via the app.

However, the incident is still under thorough investigation conducted by CCPA and GDPR. The researchers warned that individuals caught up in the leak, some of whom had .gov and .mil email addresses, were at risk from follow-on phishing, identity fraud and account takeover.

By Hrithik Lall

IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.

Leave a comment

Your email address will not be published.

This site is under maintenance,
some features might not work!!!