Upon being alerted by security researcher Anurag Sen, the company rubbished the sensitivity of the matter by labeling the exposed database as “an insignificant one.”
Anurag Sen, a prominent IT security researcher has shared exclusive information with Hackread.com revealing that Sydney, Australia-based trading company ACY Securities (acy.com) exposed a massive trove of personal and financial data of unsuspected users and businesses online for public access.
Another day, another misconfigured database
It happened due to a misconfigured database owned by ACY Securities. The worse part of the data leak is the fact that it contained over 60GB worth of data that was left exposed without any security authentication. This means anyone with a slight bit of knowledge about finding unsecured databases on Shodan and other such platforms would have complete access to ACY’s data which contained logs from February 2020 while being updated with the latest data set every second.
As seen by Hackread.com, the exposed database hosted the following user data:
Full namePostcodeFull addressDate of birthName of cityGender detailsEmail addressPhone NumberHashed passwordTrading-related information like business details and more. Screenshot of a US-based user (Image source: Hackread.com via Anurag Sen)
List of countries where most users and businesses were impacted: