The Internet has exposed a serious security breach a database with more than 400 GB of information This included the personal information of at least 214 million people, including very popular celebrities and influencers on social media.
The database belonged to a Chinese social media company that had suffered another vulnerability as early as the summer of 2020
The database belonged to the Chinese social media management company Socialarks, as reported by SafetyDetectives in a post on their corporate blog after the database owner was identified and made aware of the security breach. It appears that the database was on the ElasticSearch search server without any protection and contained information from at least 214 million social network users around the world.
According to the publication, the server made all the information in the database available without encryption or password protection as they could see during their routine of checking IP addresses and databases without security. This means that anyone who knew the IP address of the server that the database resided on could have access to the users’ personal information.
The database with 408 GB of information and more than 318 million records correspond to 214 million people, consisted of data obtained through “web scrapping” on social networks such as Facebook, Instagram and LinkedIn. According to the rules of use of these three social networks, scrapping your data (copying large amounts of information that can or cannot be accessed from their servers) is an illegal practice.
The data that was in the database included the full names of the users, country of residence, place of work, occupation … and even contact information that has never been publicly offered on their profiles on social networks like they could find out for the database. In total, there was information on more than 11 million Instagram profiles, 66 million LinkedIn profiles and 81 million Facebook profiles.
It is unknown whether anyone could have accessed the exposed database without security, or what they could do with the information they might have obtained from it. It should be noted that the Chinese company Socialarks suffered yet another data loss from LinkedIn, Facebook and Instagram users last August, even though 150 million accounts were affected in this case.