Quote:More than 400GB of public and private profile data for 214 million social-media users from around the world has been exposed to the internet – including details for celebrities and social-media influencers in the U.S. and elsewhere.
The leak stems from a misconfigured ElasticSearch database owned by Chinese social-media management company SocialArks, which contained personally identifiable information (PII) from users of Facebook, Instagram, LinkedIn and other platforms, according to researchers at Safety Detectives.
The server was found to be publicly exposed without password protection or encryption during routine IP-address checks on potentially unsecured databases, researchers said. It contained more than 318 million records in total.
SocialArks’ data-management platform is used for programmatic advertising and marketing. It bills itself as a “cross-border social-media management company dedicated to solving the current problems of brand building, marketing, marketing, social customer management in China’s foreign trade industry.”
The affected server, hosted by Tencent, was segmented into indices in order to store data obtained from each social-media source, which allowed researchers to look into the data further.
“Our research team was able to determine that the entirety of the leaked data was ‘scraped’ from social-media platforms, which is both unethical and a violation of Facebook’s, Instagram’s and LinkedIn’s terms of service,” researchers said, in a Monday blog post.
Read more: https://threatpost.com/social-profiles-l...rs/162936/
![[-]](https://www.geeks.fyi/images/collapse.png)
