Uncategorized

Widespread Keenetic router data breach uncovered

Internet of Things (IoT)

More than a million households, primarily in Russia, had their credentials, logs, network configurations, and other sensitive details leaked following the compromise of network equipment vendor Keenetic's Mobile App database, Cybernews reports.

Aside from leaking more than 1.03 million records with comprehensive user data and 929,501 records with device information, such a database also exposed 558,371 device configuration records and service logs with more than 53.8 million records, according to Cybernews researchers. "This incident highlights the importance of secure development and hosting practices within supply chains. All vendors, including Keenetic, and their development partners, need to implement stringent data protection protocols, as this leak painfully demonstrates," said researchers, who emphasize the potential exploitation of exposed admin credentials to escalate privileges and facilitate malicious firmware deployment. However, Keenetic, which confirmed addressing the unsecured database two years ago, shared the low odds of any malicious activity stemming from the exposure.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds