A recent report by Cybernews claims that FreshMenu, popular food delivery service that provides fresh cuisines, may have inadvertently leaked the data of 3.5 million customers. The report claims that its researchers have come across a 26GB-strong MongoDB database, containing the details of over 3.5 million orders, which were not secured with any kind of password. The researchers claim that the data could have been accessed by anyone.
What Kind of Data Could Have been Leaked by FreshMenu?
The report says that the following sensitive information could have been leaked due to the unsecured data base:
- Names of customers.
- Phone numbers.
- Billing and shipping addresses.
- IP addresses.
“The comprehensive nature of the leaked information could enable malicious actors to exploit customer vulnerabilities, compromise privacy, and potentially perpetrate fraudulent activities,” claims the report quoting Cybernews researchers.
Massive Data Breach in Other Organisations
The same organisation recently also stated that 12 terabytes of information, spanning over 26 billion records had been breached. The data breaches took place from popular platforms like LinkedIn, MySpace, Canva, Youko, Twitter, Weibo, and Tencent among others.
Apart from these platforms the leaks also included information from various government organizations in the US, Brazil, Germany, Philippines, and Turkey among others. The research also stated that the largest number of records, 1.4 billion, came from Tencent QQ, a Chinese instant messaging app.
How to Keep Sensitive Data Safe
Keeping sensitive data safe is crucial to protect personal information, financial details, and other confidential data from unauthorized access. Here are some general guidelines to help keep sensitive data safe:
- Create complex passwords using a combination of uppercase and lowercase letters, numbers, and special characters.
- Avoid using easily guessable information, such as name, birthdate, or common words.
- Add an extra layer of security by enabling two factor authentication wherever possible.
- Keep operating system, antivirus software, and other applications up to date to ensure having the latest security patches.
- Use encryption tools to protect sensitive files and communications.
- Avoid clicking on suspicious links or downloading attachments from unknown sources.
- Use strong passwords or biometric authentication on devices, including smartphones, laptops, and tablets.
- Enable device tracking and remote wiping features in case device is lost or stolen.