The exposed database contained users' sensitive information, including screenshots of "Chat Messages" showing deposits and withdrawal amounts, KYC compliance records, identification images, transaction hashes, and wallet addresses.

Security researcher Jeremiah Fowler together with the Website Planet research team discovered an open and non-password-protected database that contained 717,814 records and the PII of thousands of Canadian citizens.

This data contained credit card processing information that included merchant names, payee names, partial credit card numbers, expiration dates, email addresses, security or access tokens, and more.

The total size of the dataset was 601.84 GB and the total number of documents was over 1.16 billion. Upon further research, researchers found references indicating that the data belonged to the California-based online retailer, Vevor.

Security researcher Jeremiah Fowler, together with the Website Planet research team, discovered a non-password-protected database from TransCredit that contained 822,789 records.

An Amazon S3 bucket owned by D.W. Morgan was misconfigured, exposing more than 2.5 million files equating to over 100GB of data. These files relate to D.W. Morgan’s clients and their shipments.

The exposed server was named “Cronin-Main” and many of the records contained references to Cronin. These records included internal data such as employee and client information.

Security researcher Jeremiah Fowler together with the Website Planet research team discovered an unsecured database belonging to Deep6.AI that contained 886,521,320 records.

The records were labeled “Production” and contained customer PIIs such as names, phone numbers, physical addresses (home and/or office), @members.ebay addresses, and hashed passwords.