08 Nov Personal Data of Amex India Customers Leaked via Unsecured Server
Hacken’s Bob Diachenko said that he recently discovered an unsecured MongoDB server containing the personal details of around 700,000 Amex India customers.
The director of Cyber Risk Research at the firm said that the plaintext records contained personal details such as phone numbers, full names, email addresses, and card type description fields. While not overly sensitive, the data can still be used to power a spam campaign.
Diachenko said that there were also a total of 2,332,115 encrypted records that contained more personal information such as customer names, addresses, Aadhar numbers, PAN card numbers, and phone numbers.