HomesecurityBrazilian company Wi-Fi management software exposed customer data

Brazilian company Wi-Fi management software exposed customer data

A Brazilian Wi-Fi management software company exposed data from various high-profile companies and their millions of customers.

See also: Netgear: Mesh router Wi-Fi 6E $ 1,500 will make your smart home

Wi-Fi data Wi-Fi management software

See also: iPhone: Do not use this "dangerous" Wi-Fi setting

The data was leaked by WSpot, which provides software that allows businesses to protect their Wi-Fi networks and allow password-free electronic access to their customers.

The leak was discovered by the security research company SafetyDetectives. Researchers found WSpot's Amazon Web Services (AWS) misconfigured bucket S3, which remained open and exposed 10 GB of data to the public. After discovering the sensitive data on September 2, the researchers contacted the software company on September 7. WSpot "closed" the violation the next day.

About 226.000 files were leaked, the researchers said, including personal information from about 2,5 million people connected to public Wi-Fi networks provided by WSpot clients. The company's customer portfolio includes Pizza Hut, the financial services provider Sicredi and the healthcare company Unimed.

According to SafetyDetectives, all of the information presented included details provided by individuals in order to access the Wi-Fi service provided by the companies. This includes the full name, email address, full address and taxpayer registration numbers - in addition to the login credentials created during the registration process.

See also: iOS bug permanently turns off Wi-Fi on iPhone!

Wi-Fi data Wi-Fi management software

WSpot confirmed the leak to ZDNet, saying the problem was caused by a "lack of standardization in the management of information [stored] in a specific folder". The Brazilian company has reiterated that it has been working to address the issue since it was contacted.

WSpot states that servers have remained intact and have not been invaded by malicious agents, saying there is no evidence that cybercriminals. However, the software company said it had hired a security company to fully investigate the impact of the leaked data.

It is also unclear whether the company will inform those exposed about the incident.

Source of information:

Teo Ehc
Be the limited edition.