Glosbe, the biggest online dictionary, left a server exposed to the public, revealing personal data, encrypted passwords, social media identifiers, and other details of nearly seven million users.
Glosbe left an open MongoDB server, exposing millions of its users, the Cybernews research team has discovered.
Businesses employ MongoDB to organize and store large swaths of document-oriented information. MongoDB server misconfigurations sometimes leave instances accessible to the public, revealing vast amounts of sensitive data.
The team discovered the open database in late December 2023 and contacted Glosbe. While the organization did not reply to the team, the open instance was closed.
We contacted Glosbe for official comment about the leak but did not receive a reply before publishing this article.
According to our researchers, the open instance included a collection of Glosbe’s user records, including:
“The leaked information exposes users to severe risks, enabling threat actors to engage in identity theft, conduct phishing attacks, and gain unauthorized access to accounts, posing a grave threat to individuals’ privacy and security,” researchers warned.
Glosbe is a multilingual dictionary that claims to cover all languages. The service, much like Wikipedia, is developed by the members of its community.
Your email address will not be published. Required fields are markedmarked