Personal Information of Over 30,000 Students Exposed in Unprotected Database
The personal information of more than 30,000 students was found on an improperly secured Elasticsearch server, security researchers with SafetyDetectives report.
The server, the researchers say, was left connected to the Internet and did not require a password to allow access to the data within.
Thus, it exposed more than one million records representing the personally identifiable information (PII) of 30,000 to 40,000 students, the researchers estimate.
The exposed information, they say, included full names, email addresses, and phone numbers, along with credit card information, transaction and purchased meals details, and login information stored in plain text.