Abbyy Open Customer Database to be Found

The database without a password contained data on more than 200 000 customers
28 August 2018   910

Independent security specialist Bob Dyachenko found a unprotected database running on MongoDB with more than 200 thousand scanned private documents on the server of the Abbyy company. Among them - contracts, nondisclosure agreements, corporate usernames and scrambled passwords. This is reported by Tech Crunch.

The researcher told the company about the problem in early August 2018, and it shut down the server. August 27, 2018 Abbyy confirmed the leak, but did not explain why the server was not protected by a password. According to its representatives, only one client was compromised.

The incident in question concerns one rather than several customers and files bearing commercial information. The customer has been duly notified and we are cooperating on corrective measures.
 

Anna Ivanova-Galitsina

Spokeperson, Abbyy

In May 2017, another MongoDB DB was leaked. The specialists found a huge database with 560 million pairs of e-mail-password values.

Frontend News Digest 26-29.11

Pros of Strapi CMS, create a Restful API Using Mongoose and Joi, Node OracleDB update and more
29 November 2019   586

Greetings! I hope your week went great! Here's new Python news digest.

Learn how to publish npm packages with meta files, check tutorial to Helm 3, how to reduce Twilio webhooks and more

Guides

  • Publishing npm Packages Without Meta Files 

Learn what ‘meta’ files (config files, .npmignore, IDE files, etc.) should not make it into your npm packages

  • Guide to Helm 3 with an Express.js microservice

Helm is a package management tool for the Kubernetes ecosystem and this tutorial covers creating a chart (packages/pre-packaged apps Helm can work with) for an Express.js service

  • How to secure Twilio webhook URLs in Node.js

Three ways to secure your webhook (HTTP request that Twilio, a popular communication API provider for SMS, voice, video performs to find out what the reaction to a Twilio should be) URLs

Articles

  • 5 Things I love about Strapi, a Node.js headless CMS

Overview of Strapi CMS, covering its pros

Updates

  • fix-es-imports

Fixes your ES import paths

  • PostGraphile

This solutiona llows you to get an instant  GraphQL API for your PostgreSQL database with one command

  • node-oracledb

Oracle Corp supported Oracle Database driver for Node.js 

  • public-ip 

Allows you to get public IP address "very fast", as developers say - maybe, worth checking?

Videos

  • Promises From Scratch In A Post-Apocalyptic Future

  • Node.js | Hapi.js & MongoDB | Create a Restful API Using Mongoose and Joi