• Home
  • Forum
  • News
  • Reviews
  • About
Sign in
Welcome!Log into your account
Forgot your password?
Password recovery
Recover your password
Search
Sign in
Welcome! Log into your account
Forgot your password? Get help
Password recovery
Recover your password
A password will be e-mailed to you.
Myce.com
  • Home
  • Forum
  • News
  • Reviews
  • About
Home News

FBS Forex Trader Leaks Millions of Customer Records

By
Maricar Sze
-
March 26, 2021

Forex trading side FBS has accidentally leaked millions of user records online after the company reportedly left its ElasticSearch database server exposed after a cloud database misconfiguration mishap.

FBS is an international online forex broker founded in 2009. As of writing, Tech Radar states the company currently operates with over 400,000 partners and 16 million traders in more than 190 countries around the globe. Its app alone has reportedly been downloaded over a million times in the Google Play Store.

According to Info Security Magazine, the server in question was left unprotected online without password or encryption protection, leaving it vulnerable to attackers and other malicious threat actors on the web.

FBS Forex Trader Leaks Customer Records

Based on the article released by Tech Radar, the security researchers slash white hackers over at WizCase, a reviews website initially discovered the data leak in October 2020. Led by white hat hacker Ata Hakcil from WizCase, Tech Radar states that the researchers reached out to the firm after the incident.

In response to the data leak, Tech Radar maintains that FBS took to securing the ElasticSearch database by October 5 last year. After the initial server security, however, the company experienced a massive data leak was around 20 terabytes of data with approximately 16 billion records on it.

Among the customer details exposed by the server include personally identifiable information (PII). These include customers’ first and last name, their phone numbers, billing addresses, and their passport numbers. Users’ ID cards, driver’s licenses, and birth certificates were also included in the list.

In addition to the aforementioned data, the email addresses, the country, time zone, and IP addresses of users have also been made vulnerable. Customers’ mobile device models, as well as the current operating systems being used by the individual in question, were also found on the exposed server.

Social media IDs, including those from Facebook and Google, also remain part of the exposed ElasticSearch server. Moreover, the personal photos and images, on top of financial documents such as bank account statements and unredacted credit cards, and utility bills of customers were compromised.

Info Security Magazine also reports that the login history, loyalty data, as well as the unencrypted passwords of users and their respective password, reset links, were also found in the database.

In a statement, WizCase security researchers said that the treasure trove of data could be leveraged by various threat actors for a variety of attacks, including phishing and even malware, on top of other similar scams and attacks. Identity theft is also a real concern for white hat hackers.

While the forex trader has already secured its database, users must be wary of possible attacks and data exposed used against them. In light of this, users are urged to change their passwords and enable two-factor authentication, notes Tech Radar.

  • TAGS
  • Cloud Database Misconfiguration
  • credit cards
  • Customer Records
  • data leak
  • Database
  • elasticsearch database
  • Email Addresses
  • Encryption Protection
  • facebook
  • FBS
  • Forex Trading
  • Google
  • Google Play Store
  • Identity Theft
  • International Online Forex Broker
  • IP Addresses
  • Login History
  • Personally Identifiable Information
  • White Hat Hackers
  • WizCase
Previous articleEquinix Precision Time Offers Secure Global Time Synchronization Service
Next articleAttackIQ Launches Intelligent Security Support Platform
Maricar Sze

RELATED ARTICLESMORE FROM AUTHOR

AI Creates Nirvana Music
News

AI Creates ‘New’ Nirvana Music

Discord and Slack Victim to Malware Attacks
News

Discord, Slack Fall Victim to Malware Attacks

Samsung Repurposes Galaxy Smartphones
News

Samsung Repurposes Galaxy Smartphones Into Eye Diagnosis Cameras

RECENT NEWS

AI Creates ‘New’ Nirvana Music

News Maricar Sze - April 9, 2021

Discord, Slack Fall Victim to Malware Attacks

News Maricar Sze - April 9, 2021

Samsung Repurposes Galaxy Smartphones Into Eye Diagnosis Cameras

News Maricar Sze - April 9, 2021

The latest news surrounding digital storage products, cloud, data security, technology, fintech, games.

Myce B.V.
Cruquiuskade 251, 1018 AM Amsterdam, Netherlands.

Contact us: dan@myce.com

MORE RECENT NEWS

Optus New WiFi Security Service

Optus And McAfee Partner For New WiFi Security Service

News March 30, 2021
FatFace Under Fire for Disclosure Process

FatFace Pays $2M for Breach, Under Fire for Disclosure Process

News March 29, 2021
AttackIQ Intelligent Security Support Platform

AttackIQ Launches Intelligent Security Support Platform

News March 29, 2021

POPULAR CATEGORY

  • News24679
  • Other16029
  • Piracy1016
  • Software815
  • Reviews581
  • Movies522
  • Music275
  • Apps175
  • Finance170
  • Forum
  • Privacy Policy
  • Terms and Conditions
  • Cookie Policy
  • About
© Copyright 1997 – 2021 Myce B.V. – All rights reserved. It is prohibited to use or publish this content without proper authorization. Offenders shall be subject to penalties provided by law.