21 September 2021

EventBuilder misconfiguration put at risk personal details of hundreds of thousands of event registrants



The personal information of hundreds of thousands of people who attended online events was accessible online due to a misconfiguration in the EventBuilder platform, a widely used event management tool designed for Microsoft Teams and other Microsoft products.

The data leak was discovered by security researcher Bob Diachenko and Clario Tech, a company that provides consumer security and privacy products.

Diachenko and Clario discovered unprotected Microsoft Azure Blob storage that contained thousands of large CSV and JSON files holding Microsoft event registrants' details and summaries. The leaked personal information included full names, email addresses, company names and positions in the company, phone numbers, and questionnaire answers.

“The storage in question was supposed to be partially public, to host recorded sessions for link-only access. However, for some reason, the webinar organizers were putting registrant information into the blob. This meant it was open to indexing by a Public Bucket searcher (Grayhat Warfare), thus compromising their personal information and potentially putting them in danger of being targeted by hackers from across the globe,” Clario’s Andriy Slynchuk explained in a blog post.

“The estimated number of records leaked is unknown but based on the exposed file sizes, it could run into the hundreds of thousands.”

The researchers contacted EventBuilder about the data leak on June 10 and the issue was resolved on the same day.

