Home / Early Warning / Cybersecurity Highlights / Exposed 21,612 records of Kars4Kids users

Exposed 21,612 records of Kars4Kids users

11/13/2018

Security researcher Bob Diachenko has discovered a Kars4Kids users database, a nonprofit, unprotected car donation organization that contained 21,612 records with personal details.

The data was available from multiple misconfigured MongoDB instances, which included information regarding email addresses and personal data, as well as login credentials with administrator privileges.

Bob Diachenko contacted Kars4Kids to inform them about the security vulnerability, and they replied that they had secured the vulnerable database, notified the FBI of the incident and informed the donors whose information was affected.