23M Gamer Records Exposed in VIPGames Leak

2021-01-26 19:35

UPDATE. VIPGames, a free platform with a total of 56 available classic board and card games like Hearts, Crazy Eights, Euchre, Dominoes, Backgammon and others, has exposed the personal data of tens of thousands of users.

In a statement, released after this original Threatpost report was published, VIPGames acknowledged "An issue that potentially exposed user profiles" but stated it wasn't aware any user data was leaked.

"Some of these included potential pedophilia and exhibitionism," WizCase said, adding potential blackmail to the list of threats the exposed data posed to users, in addition to identity theft, password breaches, phishing scams, malware and more.

"Their report brought to attention an Elasticsearch server misconfiguration that occurred with one of our servers that was part of our backup log and stored user data older than six months. The event took place on October 5th, and it was resolved within two hours by our team," VIPGames said in its statement.

Last September high-end gaming gear company Razer left the personal data of about 100,000 users exposed on a similar Elasticsearch cloud cluster.

Last summer, Joomla exposed the data of 2,700 people signed up for the Joomla Resources Directory community forum in an unsecured Amazon Web Services cloud storage bucket.

News URL

https://threatpost.com/gamer-records-exposed-vipgames-leak/163352/

#leak