Over 3.6 million records containing sensitive personal and financial data of app creators and users were left exposed online due to an unprotected and unencrypted database.
The public-facing data uncovered by cybersecurity researcher Jeremiah Fowler, linked to the no-code app-building platform Passion.io, contained a staggering 12.2 TB of data, including spreadsheet documents labeled “users” and “invoices,” names, email addresses, physical addresses, payment details, and profile images—some of