After an in-depth analysis of the file, Bob Diachenko, director of communications at Kromtech Security, said that the backup file contained personal information of at least 1.3 million users, including mailing address, zip code, email address, and IP address. More seriously, he also stated that the passwords appearing in this document are all stored in plaintext. This is a big security ‘no-no.’
Bob Diachenko wrote in the press release: “Passwords were stored in the plain text, which is great negligence, taking into account the problem with many users re-using passwords for multiple accounts, including email accounts.”
The backup file is named “MBMWEB_backup_2018_01_13_003008_2864410.bak”, which was created on January 13 of this year. There is a reason to believe that most of the user data of MBM Company are included in this document.
Source: thenextweb
