An unprotected database belonging to the Southern Association of Independent Schools (SAIS) was found exposing sensitive data on students, parents, and teachers, including health records, social security numbers, and confidential security reports.

Upon further research, it was identified that the database belonged to NorthOne Bank, a financial technology company that claims to be used by over 320,000 American businesses. It is worth noting that NorthOne is not a full-service bank.

The exposed database contained users' sensitive information, including screenshots of "Chat Messages" showing deposits and withdrawal amounts, KYC compliance records, identification images, transaction hashes, and wallet addresses.

Security researcher Jeremiah Fowler together with the Website Planet research team discovered an open and non-password-protected database that contained 717,814 records and the PII of thousands of Canadian citizens.

This data contained credit card processing information that included merchant names, payee names, partial credit card numbers, expiration dates, email addresses, security or access tokens, and more.

The total size of the dataset was 601.84 GB and the total number of documents was over 1.16 billion. Upon further research, researchers found references indicating that the data belonged to the California-based online retailer, Vevor.

Security researcher Jeremiah Fowler, together with the Website Planet research team, discovered a non-password-protected database from TransCredit that contained 822,789 records.

An Amazon S3 bucket owned by D.W. Morgan was misconfigured, exposing more than 2.5 million files equating to over 100GB of data. These files relate to D.W. Morgan’s clients and their shipments.

The exposed server was named “Cronin-Main” and many of the records contained references to Cronin. These records included internal data such as employee and client information.

Security researcher Jeremiah Fowler together with the Website Planet research team discovered an unsecured database belonging to Deep6.AI that contained 886,521,320 records.