Misconfigured Firebase Instances Expose 125 Million User Records

March 19, 2024 at 06:18AM

Google Firebase misconfiguration led to the leak of more than 125 million user records, including plaintext passwords. It began with the hacking of the Chattr AI hiring system, exposing names, phone numbers, emails, and sensitive details. Further exploration found 900 websites exposing data on a massive scale, impacting millions of individuals. Chattr addressed the issue promptly.

It is evident that a significant data breach occurred due to misconfigured Google Firebase instances. The breach impacted Chattr, an AI hiring system used by various organizations, including fast food chains such as Applebee’s, Chick-fil-A, KFC, Subway, Taco Bell, and Wendy’s. The misconfiguration was discovered by security researchers mrbruh, xyzeva, and logykk, who identified a weakness in Chattr’s Firebase implementation and were able to access sensitive user data, including plaintext passwords, confidential messages, and more.

Following this, the researchers identified 900 websites with misconfigured Firebase instances, exposing the information of 125 million users. The exposed data includes names, email addresses, phone numbers, passwords, and billing information. Some of the affected websites include Silid LMS, Lead Carrot, MyChefTool, and an online gambling network of nine sites.
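The common thread in incidents like these is a Firebase security rules document that grants read or write access to anyone, including unauthenticated clients. The following is an added example, not code from the article or from any of the affected sites: a small Python audit that walks a Firebase Realtime Database rules JSON document and reports every node that is world-readable or world-writable. The two rules documents embedded in it are constructed samples (one permissive, one scoped per user), and the reporting logic relies on the documented behaviour that a permission granted at a parent node cascades to all of its children and cannot be revoked further down.

```python
"""Audit a Firebase Realtime Database rules document for world-readable paths.

Added example (not from the article). RTDB rules cascade downward, so a
".read": true at any node exposes everything beneath it to unauthenticated
clients, which is the class of misconfiguration the article describes.
"""
import json

# Constructed sample: a permissive rules file of the sort that leaks data.
WEAK_RULES = json.dumps({
    "rules": {
        "users": {".read": True, ".write": True},
        "private": {".read": "auth != null"},
    }
})

# Constructed sample: per-user scoping, no world-readable node.
HARDENED_RULES = json.dumps({
    "rules": {
        "users": {
            "$uid": {
                ".read": "auth != null && auth.uid == $uid",
                ".write": "auth != null && auth.uid == $uid",
            }
        }
    }
})


def _is_public(value):
    # A rule is either a boolean or an expression string; both the boolean
    # true and the string "true" grant access to everyone, authenticated or not.
    return value is True or (isinstance(value, str) and value.strip().lower() == "true")


def find_public_paths(rules_json):
    """Return a sorted list of (path, permission) pairs anyone can use.

    Because a permission granted at a parent cascades to all children, only
    the topmost public node on each branch is reported for that permission.
    """
    doc = json.loads(rules_json)
    findings = []

    def walk(node, path, inherited):
        granted = set(inherited)
        for perm in (".read", ".write"):
            if perm not in inherited and _is_public(node.get(perm)):
                findings.append((path or "/", perm))
                granted.add(perm)
        for key, child in node.items():
            if isinstance(child, dict):  # child nodes, including $wildcards
                walk(child, f"{path}/{key}", granted)

    walk(doc.get("rules", {}), "", frozenset())
    return sorted(findings)


if __name__ == "__main__":
    for label, rules in (("weak", WEAK_RULES), ("hardened", HARDENED_RULES)):
        print(label, find_public_paths(rules) or "no world-accessible paths")
```

Run it against an exported copy of a project's rules file; an empty result means no node is open to anonymous clients, while any reported path should be reviewed and scoped to `auth != null` and, where the data is per-user, to `auth.uid`. The check covers Realtime Database rules only; Cloud Firestore uses a different rules language and needs its own review.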

It is important to note that Chattr addressed the issue promptly after being informed by the researchers, but the extent of the breach is still a cause for concern. The researchers’ efforts to contact affected websites revealed that only a portion of the emails were successful, and only a small percentage of the sites addressed the misconfiguration. Furthermore, only two site owners offered a bug bounty.

Overall, this information underscores the importance of vigilance in securing Firebase instances and the potential widespread impact of misconfigurations on user data privacy and security.
