Data Breach: Online Culinary Website Exposed Private Information of Thousands of French Users
WizCase has found an open Elasticsearch database from GuyDemarle, an online platform for selling culinary equipment. The platform also works as a social site where people can interact, follow popular users, share recipes, and save them to their account for later use. The server contained personal data including email addresses, full names, and more from over 85,000 registered users.
What’s going on?
Our team of hacktivists, led by security expert Avishai Efrat, located an unsecured database server used to store GuyDemarle data. As the server didn’t have accurate security settings turned on, it revealed the private information of over 85,000 active users on the website. The data could be viewed by anyone with access to a simple internet browser due to a lack of server encryption or protection.
The leaked data exposed a lot of the users’ personal information, such as:
- User’s full name
- Registered IP address
- Email address
- Username
- Profile type chosen at creation (“classic” or “advisor”)
- Serial numbers of iCooking and beSave products purchased by each user

This vulnerability affected both existing users and those who are new to the site. To check what data was visible and if the leak was still active, we registered as a new user through the GuyDemarle website.
As a result, our details appeared immediately on the open server, exposing all of our information. It revealed our email address, full name, number of followers, IP address, and whether we purchased iCooking and beSave products.

Whose Data is Available and What Are the Consequences of Such a Leak?
The data leak put over 85,500 users’ vulnerable information at risk. As the server was used to store live information and not backups or tests, the number of exposed users kept growing during our research. As the GuyDemarle website displays live numbers of existing users, we also noticed that it matched the amount of data in the database at any given time. This shows that the data is synced and the server was used to store live information about the website and not backups or test data.
Additionally, we discovered that many users had their data saved in different locations on the server. This is because their personal information was saved alongside the data about the user’s recipe activity. As the data was stored in all of the recipe entries as well as in data entries, we could easily correlate users with their online activity on the website.
Luckily for users, it seems that no payment details were stored on the server. Instead, the only purchase information available was the serial numbers of iCooking and beSave products bought by each user. This showed us who bought the smart cooking appliances, such as the iCooking robot, or the eco-friendly food containers.
However, this data breach still left GuyDemarle users vulnerable to online scams and threats, such as:
- Phishing scams: With direct access to specific private information, including names, recent purchases, and whether a person has an account on the website, attackers can target users with convincing and seemingly trustworthy phishing emails. This can encourage clickthroughs to malicious links included in the email, which in turn allows hackers to steal more vulnerable data or even install malware on users’ devices.
- Fraud and identity theft: Hackers can use leaked PII details in fraudulent activity to disguise themselves as someone else. With personal details including full name and email address, attackers can quickly gain credibility without raising suspicion. While the lost data may not be enough for most identity thieves, it still puts users at risk of having their information stolen.
How Did it Happen and What to Do Now?
As Elasticsearch is designed to be installed on a company’s internal network, by default it doesn’t require any form of authentication before allowing access to the database. If this setting isn’t manually changed after installation, it could allow anyone who accessed the Elasticsearch server to browse through GuyDemarle’s users’ data. Moreover, the vulnerable server had no security settings, such as whitelisting or a firewall, enabled.
If you are a GuyDemarle user, you should take extra precautions to protect your personal data. Stay vigilant and aware of any unusual activity appearing in your emails or other online accounts, as this could indicate identity theft.
On top of that, never provide additional profile information in response to suspicious emails. Remember that no online companies, including GuyDemarle, would ever request any personal data through an email.
Report any online activity you don’t recognize and, if possible, change your passwords and set up two-factor authentication.
Who is WizCase and Why Should I Trust You?
WizCase is a leading cybersecurity website visited regularly by millions of users. Translated into 30 languages, it has gained the trust of people all over the world. Our incredible team of security experts has discovered and exposed a number of data breaches, including vulnerabilities in many popular webcams. Together we work towards making the online space more secure for everyone.
We always contact the companies involved in data leaks prior to publishing articles. This gives them a chance to secure users’ data and fix their servers. After receiving no response from the GuyDemarle team, we forwarded the information about the leak to the French Cybersecurity Emergency Response Team (CERT). They then notified the company and helped secure the vulnerable server.