April 1, 2023

Cricket community network “criticalsocial.com” leaks 100k user entries and administrative credentials. The open database contains emails, phone numbers, names, hashed user passwords, dates of birth, and addresses of the website users.

Cricketsocial.com is owned by an LLC situated in the United States. Apart from the Cricket League of New Jersey, the majority of the organizations mentioned are located in India. The exposed database was hosted in AWS.

Advertisements

The open instance stores not only the admin credentials and users’ personal information, but also all of the website’s content. Content such as posts, comments, like counts, and image links are all saved in a single AWS storage bucket.

Despite the fact that some information from the bigger database was most likely used for testing purposes, security risks remain. The information in the disclosed database was kept in plaintext format, and the security implications are high, as this data can be sold or used for identity theft or spam.

Tags:

1 thought on “Cricket Social Community Platform Breached

  1. Pingback: Cricket Social Community Platform Breached — TheCyberThrone – YodaSec's Expose

Leave a Reply

You may have missed

Italy temporarily bans ChatGPT

Italy temporarily bans ChatGPT

April 1, 2023
Cylance Ransomware Dissection

Cylance Ransomware Dissection

April 1, 2023
WordPress Elementor Pro Plugin Vulnerability

WordPress Elementor Pro Plugin Vulnerability

April 1, 2023
QNAP Critical Sudo Vulnerability

QNAP Critical Sudo Vulnerability

March 31, 2023
AlienFox Malware Toolset -SwissArmy Knife

AlienFox Malware Toolset -SwissArmy Knife

March 31, 2023
3CX Application Malvertised

3CX Application Malvertised

March 31, 2023
%d bloggers like this: