66,000 Gamers Exposed due to Cloud Misconfiguration

VIPGames.com, a free platform with a sum of 56 accessible classic board and games like Hearts, Crazy Eights, Euchre, Dominoes, Backgammon, and others, has uncovered the personal data of tens of thousands of users.
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ... read more
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
AMD's fastest 6 core processor for mainstream desktop, with 12 processing threads Can deliver elite 100+ FPS performance in the world's most popular games Bundled with the quiet, capable AMD Wraith Stealth cooler 4.6 GHz Max Boost, unlocked for overc... read more
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
System ram type: DDR4_sdram
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
A research group at WizCase found the wide-open server, with zero encryption and no password protection, through a straightforward search. It was traced back to VIPGames.com, a mainstream free-to-play card and table game platform with 100,000 Google Play downloads and about 20,000 active daily players globally.
“Online gaming brings together user personal information, transaction details, and gaming habits. This fusion of confidential information creates a lucrative environment for cybercriminals to exploit,” the WizCase report clarified. “Gaming platforms routinely experience multiple attacks from hackers, sabotage from competing platforms, intra-platform attacks by players targeting the Internet connections of rival users, and more.” In this situation, over 30GB of information was leaked in the security snafu, including 23 million records. In this trove, the researchers selected 66,000 client profiles including usernames, emails, device details, IP addresses, hashed passwords, Facebook, Twitter, and Google IDs, in-game transaction details, bets, and details about restricted players.
The passwords were hashed utilizing the Bcrypt algorithm utilizing 10 rounds which, while tedious, isn’t incomprehensible for a determined attacker to break, WizCase contended. These could then be utilized to attempt to open different sites and accounts utilized by the same gamers. The firm cautioned that if a threat actor had found the exposed data, they might have created persuading phishing assaults by email or telephone, utilizing the extensive personal information in these profiles.
WizCase said if a client was prohibited for exhibitionism, somebody who knows their email address or social media accounts could threaten to uncover them. Additionally, given bans are ultimately at the arbitrators’ caution, a restricted player’s very own reputation might be destroyed if the allegation was without merit.
For clients, experts concur basic prescribed procedures for online security is consistently a smart thought — be cautious about what you share, try not to tap on dubious messages or interfaces and proper password hygiene is important, WizCase exhorted. The firm additionally proposed utilizing a VPN service to keep location data secure and install good antivirus software while the industry struggles to keep up.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.