124 million data is filtered from a video surveillance app that can be downloaded from the Play Store
It is a popular app in the United States, but it is also available to download in Spain through the Play Store and the App Store. An investigator has uncovered the data leak that affects thousands of users.
Adorcam is an app used to connect any surveillance camera that is IP P2P just by entering its ID and a password. A security researcher has discovered a data leak that directly affects thousands of users, as they have calculated that there are around 124 million rows of leaked data.
According to the investigation, there was a large database at the mercy of anyone on the Internet. It is the data of thousands of users worldwide and without security.
The Elasticsearch database was owned by Adorcam. Is this the app that serves to see and control various models of video surveillance cameras that can be downloaded for Android and iOS. In addition, it is the app used by Zeeporte cameras that are sold on Amazon.
The security researcher who discovered all this is called Justin Paine and he decided to contact Adorcam to show him his findings. The company secured the database and little else.
Justin Paine was able to discover that the cameras were uploading photos to the cloud, but he couldn’t prove it because by then the links had expired.
The Security Investigator’s Finding going further, he located encrypted credentials on an exposed server and alerted Adorcam that he changed the password. In addition, he commented that the database was updating live while looking for your test information.
Paine warned that these data were not highly sensitive, but that they fell into the wrong hands those emails could be used to blackmail thousands of customers and threaten them to post images if they don’t pay a certain amount of money.
As reported by TechCrunch, Paine told them that the database contained 124 million rows of data including live recordings, locations, active microphones, exposed WiFi networks, emails, etc.
Adorcam has not commented on the matter. In fact, the app is still active and can continue to download without problems in the Play Store and App Store. We We recommend removing the app and deactivating the IP cameras associated with this application.