ADVERTISEMENT

Gig platform app Yoojo leaks millions of user files

The service marketplace platform Yoojo has exposed over 14 million files, including passports and communication screenshots.

Yoojo customers exposed

Image by Cybernews.

Vilius Petkauskas
Vilius Petkauskas Deputy Editor
Apr 1, 2025 Updated: 1 April 2025 1 min read
Yoojo data leak sample
Sample of the leaked data. Image by Cybenrews.

What Yoojo data leaked online?

  • Names and surnames
  • Passports
  • Other government-issued IDs
  • Text messages
  • Phone numbers
ADVERTISEMENT
Niamh Ancell Marcus Walsh Stefanie chrissw
Be the first to know and get our latest stories on Google News
Add us as your Preferred Source on Google.
  • Change the access controls to restrict public access and secure the bucket.
  • Update permissions to ensure that only authorized users or services have the necessary access.
  • Retrospectively monitor access logs to assess whether the bucket has been accessed by unauthorized actors.
  • Enable server-side encryption to protect data at rest.
  • Use Key Management Service (KMS) for managing encryption keys securely.
  • Enforce SSL/TLS for data in transit to ensure secure communication.
  • Consider implementing security best practices, including regular audits, automated security checks, and employee training.

  • Leak discovered: February 28th, 2025
  • Initial disclosure: March 3rd, 2025
  • CERT contacted: March 9th, 2025
  • Leak closed: March 11th, 2025
ADVERTISEMENT