Cybernews reports that more than 140,000 childcare and early education facility records, including parent and child data, have been inadvertently exposed by an unsecured Elasticsearch database believed to belong to widely used customer relationship management platform LineLeader.Analysis of the misconfigured database revealed exposure of full names, email addresses, and phone numbers categorized into leads, inquiries, and children, suggesting the compromise of an active CRM system, according to the Cybernews research team. While the database has since been secured, attackers could leverage the leaked information to facilitate phishing and identity theft attacks."For the childcare and early education sector, these findings highlight the critical responsibility both software vendors and their customers share when handling sensitive family data," said researchers. Such a development comes amid a slew of accidental data exposures involving children, with parental control app KidSecurity found to have leaked sensitive data due to an unprotected Kafka Broker Cluster and an unsecured Elasticsearch database last year and in 2023, respectively.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds




