Remembering a bunch of passwords is a real pain, right? So, we often end up using just one password for all our accounts. It’s easy, it’s convenient. But, ever thought about what happens if that password gets hacked? It’s not just one account at risk, but all of them. This isn’t just a hypothetical scenario. It happened with an app called MyEstatePoint Property Search. A data leak exposed nearly half a million users’ sensitive info. Yikes!
Now, let’s talk about this app. MyEstatePoint Property Search is an Indian real estate app. Cybernews’ research team found out that the app had left a MongoDB server open to the public. This server had all sorts of private info about the app’s users. NJ Technologies, an India-based software developer, is behind this app. It’s pretty popular, with over half a million downloads from the Google Play Store alone. And that’s not counting downloads from third-party app stores.
So, how did the Cybernews team get their hands on this leaked data? On November 6th, they discovered that a MongoDB database was accidentally made public. Anyone could access it. They tried to notify the developers, but got no response. The database had very personal info, like names, email addresses, and plain text passwords. It also had phone numbers, addresses, job details, and how users signed up for the app.
Who leaked this sensitive data? We don’t know. But it’s a stark reminder to use unique passwords for each account. And be careful when entering personal info. Data leaks are all too common. You don’t want all your accounts at risk because you used the same password.