Phone : +91 9582 90 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Unprotected database belonging to JustDial exposes personal information of almost 100 million users

Unprotected database belonging to JustDial exposes personal information of almost 100 million users

  • The unprotected database exposed the personal information of almost 100 million users who accessed the service via its website, mobile app, or by calling its customer care number.
  • The exposed data includes JustDial users’ names, email addresses, mobile numbers, location addresses, genders, dates of birth, photos, designations, company names, and more.

What is the issue – A security researcher uncovered a database belonging to JustDial that was exposed online without any password protection.

Why it matters – The unprotected database exposed the personal information of almost 100 million users who accessed the service via its website, mobile app, or by calling its customer care number.

What was exposed – The exposed data includes JustDial users’ names, email addresses, mobile numbers, location addresses, genders, dates of birth, photos, designations, company names, and more.

The big picture

An independent security researcher named Rajshekhar Rajaharia uncovered an unprotected database belonging to JustDial.

“#justdial Your 100 Million users data including name, email, mobile, gender, dob, address, photo, company, occupation & other details r publicly accessible. Fix ASAP. DM for Detail,” Rajaharia tweeted.

Upon discovering the leaky database, the security researcher contacted JustDial via its contact page to notify about the database, however, received no response. Rajaharia then contacted The Hacker News and shared the details of the unsecured database.

The security researcher noted that the database’s API endpoint is an old one which is not currently being used by the company but has been left forgotten on the server.

Rajaharia also identified a few other old unprotected APIs that could allow attackers to trigger OTP requests for any registered mobile number, which could then be used for spamming activities.

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 9582 90 7788 | Support Number : +91-9654016484
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket