GOMO

50,553,664 GOMO app users’ information has been exposed.

GOMO backup data was exposed on Port 80 with no login required.

There was also a second IP address that was exposing all of the backup data without any login required.

In total, there were more than 70 databases exposed, involving applications listed on GOMO’s website including Z Camera, Z Launcher, GO SMS, GO Music, GO Launcher, Bright Flashlight, and S Photo Editor.

Other affected applications include GO Horoscope, GO Fitness, GO Currency, GO Video, as well as internal purchases, games, promotions, messages and contacts.

The complete GOMO deployment and development system with all end points, credentials and project information was exposed

A lot of its development, internal, and system details and workings were also exposed.

GOMO also provides services for clients like private VPN’s, and the exposed database contained 477,521 account IDs of customers who subscribe to this service.

Source: https://www.databreaches.net/50553664-gomo-app-users-information-exposed-researcher/

"id": "GOM13481122",
"linkid": "gomodigital",
"type": "Data Leak",
"date": "08/2018",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"