Anti-vax dating site exposed data for 3,500 users through ‘debug mode’ bug

Illustration by Carlo Cadenas / The Verge Unsurprisingly, it seems like the type of people who shun vaccinations are not great at preventative cybersecurity either. As reported by the Daily Dot, “Unjected” — a dating site specifically for people who are not vaccinated against COVID-19 — failed to take basic precautions to keep users’ data secure, leaving sensitive data exposed and allowing potentially anyone to become a site administrator. The “Unjected” site was set up to leave the administrator dashboard fully accessible to anyone who knew how to look for it. Through this dashboard, an administrator could access user information for any member of the site, including name, date of birth, email address, and (if provided) their home address. The configuration error was discovered… Continue reading… from The Verge – All Posts https://ift.tt/XUvpgju via Grabey Blog
http://dlvr.it/SVVQb8