Online gaming platform VIP games suffered a data breach and more than 23 million records were left exposed on a misconfigured server. VIP Games owned by software development company Casualino JSC is a free to play online card and board game platform, with an internet website and a mobile app. It has 20,000 active daily players and includes popular games such as Hearts, Crazy Eights, Euchre, Rummy, Dominoes, Backgammon, Ludo and Yatzy. The Android app for the site has been downloaded more than 100,000 times on Google Play.
Researchers at WizCase have discovered a 30-gigabyte database exposed on a misconfigured server containing information about more than 66,000 user profiles and 23 million records. The exposed data included usernames, emails, device details, IP addresses, hashed passwords, Facebook IDs, Twitter IDs, Google IDs, in-game transaction details, etc. All this sensitive information was left exposed on a misconfigured server and could be used by attackers for several illegal activities like password breach, phishing attacks, identity theft and blackmailing.