vpnMentorsresearch team discovered adata breach in a server belonging to the French transport giant RATP.
RATP is a huge, state-owned company that manages most of the transport infrastructure in Paris and elsewhere.
The company has roughly 64,000 employees across various operations.
RATP was established in 1949 to manage public transport in the Greater Paris region.
RATPs services carry 3.3 billion passengers every year, and the company employs 64,000 people.
But rare are these times.
We often need days of investigation before we understand whats at stake or whos leaking the data.
Some affected parties deny the facts, disregarding our research or playing down its impact.
So, we need to be thorough andmake sure everything we find is correct and accurate.
Furthermore, the server was organized as a file directory, making it very easy to navigate.
Finally, RATPs name was found on files throughout.
GitHub is a cloud collaboration platform for developers to build software together remotely.
Well explain how further down.
In a phishing campaign, criminals send victims fake emails and text messages imitating real businesses and organizations.
To learn about data vulnerabilities in general, read ourcomplete guide to online privacy.
Our researchers use large-scale web scanners to search for unsecured data stores containing information that shouldnt be exposed.
They then examine each data store for any data being leaked.
Our team was able to access this database because it was completely unsecured and unencrypted.
RATP was using an Elasticsearch database, which is ordinarily not designed for URL use.
As ethical hackers, were obliged to inform a company when we discover flaws in their online security.
The purpose of this web mapping project is to helpmake the internet safer for all users.
We never sell, store, or expose any informationwe encounter during our security research.
Our ethical security research team has discovered and disclosed some of the most impactful data breaches in recent years.
This has includedexposing the growing popularity of cybercrime groups on Telegram.
We also revealed how apopular Chinese game developer was leaking data from over 1 million people.
You may also want to read ourVPN Leak Report and Data Privacy Stats Report.
Help Us Protect The Internet!
Check the Leak Box here »
like, comment on how to improve this article.
