A recent investigation has revealed that hundreds of websites using Firebase have exposed approximately 125 million user records because of misconfigured security rules. The exposed data includes plaintext passwords and sensitive billing information.
The investigation began after the successful breach of Chattr.ai prompted researchers to scan the entire internet for vulnerable Firebase instances. Despite facing initial challenges with memory leaks and lengthy scanning times, the team managed to compile a list of potentially affected sites.
Using a secondary scanner called Catalyst, the researchers assessed the impact of the exposed data by analyzing sample records from the affected sites. The data was then stored in a database for further analysis.
The findings reveal a staggering amount of exposed user information, including names, emails, phone numbers, passwords, and billing details. Some of the most affected websites include Silid LMS, an online gambling network, Lead Carrot, and MyChefTool.
Following the investigation, the researchers reached out to site owners to notify them of the misconfigurations. While a majority of emails were delivered and some site owners took action to secure their data, only a small percentage responded to the notifications.
This incident highlights the importance of correctly configured security rules for protecting user data and preventing unauthorized access to sensitive information.
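One way a site owner could check their own project for the kind of rule misconfiguration described above, as an added example that is not code from the researchers or the original article. It assumes Firebase Realtime Database rules exported as JSON; the sample rules and the names `grade` and `audit_rules` are constructed for illustration.

```python
import json

# Constructed Realtime Database rules export; not taken from any real site.
SAMPLE_RULES = json.loads("""
{"rules": {
  "public_menu": {".read": true, ".write": false},
  "users": {
    ".read": "auth != null",
    "$uid": {
      ".read": "auth != null && auth.uid === $uid",
      ".write": "auth != null && auth.uid === $uid",
      "billing": {".read": false}
    }
  },
  "orders": {"$id": {".read": "auth.uid === data.child('owner').val()"}}
}}
""")

RANK = {None: 0, "any-user": 1, "open": 2}

def grade(expr):
    """Classify a rule value: 'open', 'any-user', or None (restricted/denied)."""
    text = str(expr).replace(" ", "").lower()
    if text == "true":
        return "open"                      # anyone on the internet
    if text in ("auth!=null", "auth!==null"):
        return "any-user"                  # any signed-in account, incl. self-registered
    return None

def audit_rules(node, path="/", inherited=None):
    """Walk the rules tree and return (path, op, finding) tuples.

    Grants cascade: access granted at a parent applies to every child and a
    deeper rule cannot revoke it, so narrower child rules are reported as shadowed.
    """
    effective = dict(inherited or {})
    findings = []
    for op in (".read", ".write"):
        if op not in node:
            continue
        here, above = grade(node[op]), effective.get(op)
        if RANK[here] > RANK[above]:
            findings.append((path, op, here))
            effective[op] = here
        elif above:
            findings.append((path, op, "shadowed by " + above))
    for key, child in node.items():
        if isinstance(child, dict):
            findings += audit_rules(child, path.rstrip("/") + "/" + key, effective)
    return findings
```

In the constructed sample, the owner-only rule on `/users/$uid` and the `false` on its `billing` child look safe in isolation, but both are reported as shadowed because the parent `/users` already grants read access to any signed-in account.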