GOMO

50,553,664 GOMO app users’ information has been exposed.

GOMO backup data was exposed on Port 80 with no login required.

There was also a second IP address that was exposing all of the backup data without any login required.

In total, there were more than 70 databases exposed, involving applications listed on GOMO’s website including Z Camera, Z Launcher, GO SMS, GO Music, GO Launcher, Bright Flashlight, and S Photo Editor.

Other affected applications include GO Horoscope, GO Fitness, GO Currency, GO Video, as well as internal purchases, games, promotions, messages and contacts.

The complete GOMO deployment and development system, with all endpoints, credentials and project information, was exposed.

A lot of its development, internal, and system details and workings were also exposed.

GOMO also provides services for clients like private VPNs, and the exposed database contained 477,521 account IDs of customers who subscribe to this service.

Source: https://www.databreaches.net/50553664-gomo-app-users-information-exposed-researcher/

TPRM report: https://scoringcyber.rankiteo.com/company/gomodigital

"id": "gom13481122",
"linkid": "gomodigital",
"type": "Data Leak",
"date": "08/2018",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': 50553664,
                        'industry': 'Technology',
                        'name': 'GOMO',
                        'type': 'Company'}],
 'attack_vector': 'Unsecured Backup Data',
 'data_breach': {'number_of_records_exposed': 50553664,
                 'type_of_data_compromised': ['User information',
                                              'Backup data',
                                              'Development details',
                                              'Internal system details',
                                              'Project information',
                                              'VPN account IDs']},
 'description': '50,553,664 GOMO app users’ information has been exposed. GOMO '
                'backup data was exposed on Port 80 with no login required. '
                'There was also a second IP address that was exposing all of '
                'the backup data without any login required. In total, there '
                'were more than 70 databases exposed, involving applications '
                'listed on GOMO’s website including Z Camera, Z Launcher, GO '
                'SMS, GO Music, GO Launcher, Bright Flashlight, and S Photo '
                'Editor. Other affected applications include GO Horoscope, GO '
                'Fitness, GO Currency, GO Video, as well as internal '
                'purchases, games, promotions, messages and contacts. The '
                'complete GOMO deployment and development system with all end '
                'points, credentials and project information was exposed. A '
                'lot of its development, internal, and system details and '
                'workings were also exposed. GOMO also provides services for '
                'clients like private VPN’s, and the exposed database '
                'contained 477,521 account IDs of customers who subscribe to '
                'this service.',
 'impact': {'data_compromised': ['User information',
                                 'Backup data',
                                 'Development details',
                                 'Internal system details',
                                 'Project information',
                                 'VPN account IDs'],
            'systems_affected': ['GOMO app',
                                 'Z Camera',
                                 'Z Launcher',
                                 'GO SMS',
                                 'GO Music',
                                 'GO Launcher',
                                 'Bright Flashlight',
                                 'S Photo Editor',
                                 'GO Horoscope',
                                 'GO Fitness',
                                 'GO Currency',
                                 'GO Video',
                                 'Internal purchases',
                                 'Games',
                                 'Promotions',
                                 'Messages',
                                 'Contacts']},
 'initial_access_broker': {'entry_point': 'Port 80 with no login required'},
 'title': 'GOMO Data Exposure Incident',
 'type': 'Data Exposure',
 'vulnerability_exploited': 'Exposed Port 80 with no login required'}