The site is CAM4, a popular adult platform that advertises “free live sex cams.” As part of a search on the Shodan engine for unsecured databases, security review site Safety Detectives found that CAM4 had misconfigured an ElasticSearch production database so that it was easy to find and view heaps of personally identifiable information, as well as corporate details like fraud and spam detection logs. “Leaving their production server publicly exposed without any password,” says Safety Detectives researcher Anurag Sen, whose team discovered the leak, “it’s really dangerous to the users and to the company.” The Hack First of all, very important distinction here:
Read full article on Wired – Threat Level