Kinomap did not respond to researchers whatsoever and left the database exposed to public access.
Another day, another data breach – This time, researchers have discovered a new trove of personal data exposed online and putting millions of unsuspected users at risk of online scams and privacy breaches.
Discovered by researchers at vpnMentor; the database belonged to Kinomap, a France based exercise technology company with millions of active subscribers. The company allows users to records their exercise and training video and share with other users. More information on how the company works is available on its Wikipedia page.
However, this time, the company has exposed 40GB worth of data containing 42 million personal records of users across the globe. These records, according to vpnMentor’s blog post, contained Personally Identifiable Information (PII) data including:
GenderCountryFull namesUsernamesProfile linksHome countryDate of joining Email addressesExercise timestamps
A full preview of the data exposed in the breach:
Image: vpnMentor
The worrisome part of this incident, other than the data leak, is the attitude of Kinomap. For instance, vpnMentor’s research team discovered the database on 16th March 2020 and after identifying its owner, informed the company twice on 18th March 2020, and 30th March 2020 yet Kinomap never responded to the researchers neither did they protect the database.
See: Polar fitness app exposed ..
Support the originator by clicking the read the rest link below.
