Hackread reports that more than 1.1 million users of the U.S. and UK military social networking and dating service Forces Penpals had their personal information exposed due to a server misconfiguration.
Data within the unsecured database included military personnel and their supporters' full names, images, mailing addresses, locations, images, Social Security numbers, and National Insurance numbers, a report by cybersecurity researcher Jeremy Fowler published on vpnMentor showed. Armed forces members also had their military ranks and proof and branch of service leaked. "In a limited sampling, a majority of the documents I saw were user images, while others were photos of potentially sensitive proof of service documents," Fowler said. Such a data leak, which was noted by Forces Penpals to have been caused by a coding error, has since been resolved but additional details regarding potential unauthorized access to the database, as well as the duration of its public exposure, remain uncertain.
