1. Forum
  2. tqwNet
  3. TQW GENTECH

  • AI development service Builder.ai exposed over 1TB of data on thr

    From TechnologyDaily@1337:1/100 to All on Tuesday, December 24, 2024 13:15:05
    AI development service Builder.ai exposed over 1TB of data on three million users

    Date:
    Tue, 24 Dec 2024 13:08:00 +0000

    Description:
    It remains unknown if Builder.ai archive is locked down or not.

    FULL STORY ======================================================================Security
    researchers discovered a major database with 3M+ records It belongs to Builder.ai, a low code/no code platform It contains sensitive information, NDAs, and more

    Builder.ai may have unwillingly exposed sensitive information on millions of its users, researchers have claimed.

    Jeremiah Fowler, a security researcher known for hunting down non-password protected databases containing sensitive intel, said he discovered an archive with more than 3 million records.

    The database belongs to Builder.ai, a British no-code/low-code platform that enables businesses to quickly and affordably create custom software applications without requiring deep technical expertise. Complexities with dependent systems

    Fowler said the database contained 3,077,542 records, totaling 1.29TB in
    size, including cost proposals, NDA agreements, invoices, tax documents,
    email correspondence screenshots, internal image files, and much more.

    Among the most concerning files were two documents that indicated access and configuration details of two separate cloud storage databases that also included secret access keys, Fowler said on Website Planet .

    It is hypothetically possible that those access keys could have revealed additional potentially sensitive data if they were to fall into the wrong hands.

    In total, there were 337,434 invoices and 32,810 files labeled Master service agreements. The latter also contained NDA agreements with names, emails, IP addresses, project cost summaries, and other project details.

    Fowler disclosed his findings to Builder.ai, however it couldnt lock the database down even a month later, citing complexities with dependent systems
    - and it isn't known if the database is still open and accessible.

    Misconfigured databases remain one of the number one reasons for data leaks
    on the internet. Many researchers are warning that organizations dont understand the shared security model present in most cloud service providers, and that they end up generating enormous databases, filled with valuable information, which are open and accessible to all.

    Should cybercriminals find these archives, they could use the information there in convincing phishing attacks, identity theft , and possibly even wire fraud. You might also like Watch out - that dream job offer could be a
    malware scam Here's a list of the best antivirus tools on offer These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/ai-development-service-builder-ai-expos ed-over-1tb-of-data-on-three-million-users


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)