Jeremiah Fowler, Author at Security Discovery

Blog, Data Breach, database November 23, 2020

Luxury Real Estate Firm Exposed Owner and Agent Data Online For Months, Later Wiped Out By Malicious Meow Bot

On June 17th I discovered a dataset that contained a massive amount of records that were clearly related to a real estate and a home sale brokerage company. There were a total of 30.7 million…

Like this story? Please share it!

Blog, Data Breach, database November 13, 2020

Hosting Provider Exposed 63 Million Records and User Passwords

On October 5th I discovered a non-password protected database that contained a large amount of monitoring and system logs. There were records indicating data backups, monitoring, error logging, and more. Upon further research, the database…

Like this story? Please share it!

Blog, Data Breach September 22, 2020

Property Management Company Exposed 1.2 Million Records Online

In June 2020, I discovered a large amount of records that contained detailed information on property renters, visitors, commercials leases, and much more. Upon further research it was clear that this was some type of…

Like this story? Please share it!

Blog, Data Breach, Trending August 17, 2020

AI Company Exposed 2.5 Million Records Including Medical Data of Auto Accident Victims Online

In the ever-changing world of cyber security there are few types of records that are as valuable or sensitive as medical data. On July, 7th I discovered 2.5 million records that appeared to contain…

Like this story? Please share it!

Data Breach, database July 7, 2020

Home Loan Provider Exposed 695k Records Online

Recently I discovered a large collection of what appeared to be records related to home loans. Upon further research the records were connected to Texas based Southwest Funding. On May 20th I discovered a publicly…

Like this story? Please share it!

Data Breach, database June 26, 2020

Largest US Bubble Tea Supplier Exposed Data Online

On April 28th I discovered a dataset that contained what appeared to be customer information, payment references and was labeled as production data. There were links to sales records and links that identified the owner…

Like this story? Please share it!

Blog, Data Breach, database March 2, 2020

Free Wifi User Data Exposed in Multiple UK Train Stations

On February 14th I discovered a non-password protected database that contained a massive amount of records totaling 146 million. Upon further review I was able to see connections to what appeared to be free wifi…

Like this story? Please share it!

Data Breach, database February 18, 2020

FairBridge Inn & Suites Exposed Customer Booking Platform

Booking a hotel online is now so common that we consumers never give it a second thought when traveling. We enter our information, provide payment details and then cross our fingers. Unfortunately once we provide…

Like this story? Please share it!

Blog, database, Uncategorized February 11, 2020

Estee Lauder Exposed 440 Million Records Online

On January 30th I discovered a non-password protected database that contained a massive amount of records totaling 440,336,852. Upon further review I was able to see connections to New York based cosmetic company Estée Lauder. I…

Like this story? Please share it!

Blog, Data Breach, database February 4, 2020

Pabbly Email Marketing Exposes 51.2 Million Records Online

Email marketing is big business and many companies rely on emails to keep in contact with their customers or potential customers. In the modern world of over priced pay per click ads targeted email marketing…

Like this story? Please share it!

Blog, Data Breach, database January 13, 2020

Online Eyewear Websites Expose Data of 186k Customers

In October 2019 I discovered a database that contained 186,000 sales records and 40.4 million visitor IP addresses. From October 23rd, 2019 to January 13th, 2020 I sent multiple emails and left numerous voice messages….

Like this story? Please share it!

Data Breach, database, elasticsearch, Uncategorized November 13, 2019

Prank Call Service PrankDial Exposed 138 Million Records Online

On October 28th I discovered a non-password protected database that contained millions of log files. Upon further research, the records all contained information that identified PrankDial.com as the owner of the data. I immediately sent…

Like this story? Please share it!

Blog, Data Breach, database, elasticsearch October 28, 2019

2.59 Million Credit Card Transactions Exposed –

Two data incidents just months apart from each other. Back in February 2019 I found a database that belonged to a Nigerian based company. The first database contained over 8 million records. The representatives replied…

Like this story? Please share it!

Blog, Data Breach, elasticsearch October 22, 2019

Religious Website and Software Provider Leaks Customer and Credit Card Data for Many Months

Religious website service Clover Sites exposed customer data for at least 6-7 months and the dataset was found twice on two separate databases. On May 22nd I discovered and reported a data exposure incident involving…

Like this story? Please share it!

Blog, Data Breach, Data Security Education October 11, 2019

When Test Data is Not Test Data

There is a growing trend among organizations and companies to simply deny that live production data is real. As a security researcher I often hear that everyone is a small start-up and all data is…

Like this story? Please share it!

Blog, Data Breach, database, elasticsearch, Uncategorized September 19, 2019

Mattress Company Exposes 387k Customer Records Online

On September 5th I discovered a non-password protected database that contained 1 folder named “Customers”. Every file contained references to Verlo Mattress Factory and appeared to be customer data. Upon further investigation there were indications…

Like this story? Please share it!

Blog, Data Breach, database, elasticsearch September 11, 2019

Auto Dealer Leads Network Exposed 198 Million Records Online

On August 19th I reported a non-password protected database that contained a massive 413GB of data and a total of 198 million records. The most shocking part was that I had seen this dataset several…

Like this story? Please share it!

Blog, Data Breach, database, elasticsearch, Uncategorized August 23, 2019

Fundraising Platform Exposes 7.5 Million Records Online

Online fundraising is a growing industry that has raised many billions of dollars for worthy causes from around the street to around the world. The concept of small donations from many people can have a…

Like this story? Please share it!

Blog, Data Breach, database, elasticsearch August 7, 2019

Leadership for Educational Equity Exposes 3.69 Million Members Online

On July 26th discovered a non password protected elastic data set that contained 5.2 million documents in total. Immediately, I knew this information should not be publicly accessible and began trying to identify the ownership….

Like this story? Please share it!

Blog, Data Breach, database, elasticsearch July 25, 2019

Cheers – English Whiskey Club Leaked Info of 23,362 Members Online

On May 29th I discovered a database that contained what appeared to be a member list. Like most database names that do not clearly identify the ownership, this one was named Martha Johansson. I assume…

Like this story? Please share it!

Security Discovery

Cyber Security News & Consulting Services

Articles by Jeremiah Fowler

Luxury Real Estate Firm Exposed Owner and Agent Data Online For Months, Later Wiped Out By Malicious Meow Bot

Property Management Company Exposed 1.2 Million Records Online

Home Loan Provider Exposed 695k Records Online

Largest US Bubble Tea Supplier Exposed Data Online

Free Wifi User Data Exposed in Multiple UK Train Stations

FairBridge Inn & Suites Exposed Customer Booking Platform

Estee Lauder Exposed 440 Million Records Online

Pabbly Email Marketing Exposes 51.2 Million Records Online

Online Eyewear Websites Expose Data of 186k Customers

Prank Call Service PrankDial Exposed 138 Million Records Online

2.59 Million Credit Card Transactions Exposed –

Religious Website and Software Provider Leaks Customer and Credit Card Data for Many Months

When Test Data is Not Test Data

Mattress Company Exposes 387k Customer Records Online

Auto Dealer Leads Network Exposed 198 Million Records Online

Fundraising Platform Exposes 7.5 Million Records Online

Leadership for Educational Equity Exposes 3.69 Million Members Online

Cheers – English Whiskey Club Leaked Info of 23,362 Members Online