UpGuard reveals that over 1000 misconfigured web apps leaked 38M records

Must Read
Sienna Rowley
Sienna Rowley
Sienna is an editor at Cloud Host News. She is an internet enthusiast, always eager to explore the latest trend in the tech space. She is a modest family woman who loves traveling in her free time.

The UpGuard Research team disclosed that over 1000 misconfigured web apps built with Microsoft’s Power Apps accidentally leaked 38M records. The leaked records contained personal information like names, COVID-19 contact tracing, COVID-19 vaccination appointments, email addresses, and several other information.

Greg Pollock, UpGuard vice president told Wired that UpGuard’s research team found that the web apps that got misconfigured lead to data leaks. He further said they have never heard about this and ask whether it’s a one-time or systemic issue.

As per the Power Apps website, it allows users to share and quickly build low-code apps. Microsoft offers a feature called portals where people can share information.

Here, the issue was that anyone could simply obtain access to the confidential information just by visiting the subdomain that contained all source information Microsoft Power Apps made available by the portals. UpGuard said that the list would show the data when access was allowed or show a forbidden error message while access to that page wasn’t allowed.

Some of the organizations that got affected are American Airlines, Departments of Health for Maryland and Idaho, J.B. Hunt, and Ford among several others.

Featured Image: https://www.upguard.com

Looking for more  Cloud News? , subscribe to our newsletter and get regular updates. Moreover, we bring you Web Hosting NewsSecurity News, and more.

- Advertisement -spot_img
Latest News

SparkyLinux 6.6 Now Available to Download

Debian-based GNU/Linux distro, SparkyLinux has got a new update Sparky 6.6 named as Po Tolo. Based on Debian 11, Sparky...
- Advertisement -spot_img

More Articles Like This