BigFooty.com leaked 70 million user records

Australian sports fan site BigFooty.com leaked 70 million user records

by Posted on

BigFooty[dot]com, the largest Australian Football League (AFL) forum in the world recently exposed one of its unsecured Elasticsearch database online that leaked more than 70 million users’ records.

Last week, a team of researchers led by Anurag Sen at SafetyDetectives discovered the compromised 132GB sized database online that was being operated by the BigFooty.com’s parent company Big Interest Group LLC. to store private user data as well as technical information relating to the BigFooty.com’s web and mobile sites.

BigFooty data leak exposed elasticsearch database
Image: Exposed Elasticsearch database cluster and server info. of BigFooty.com

“The database contains around 70 million records, including usernames and passwords, email addresses, mobile phone numbers, as well as private messages revealing more critical details,” a SafetyDetectives spokesperson told QuickCyber.

Passwords exposed in BigFooty data leak
Image (SafetyDetectives): Password information relating to both accounts and streams hosted by BigFooty.com
Email addresses exposed in BigFooty.com data breach
Image (SafetyDetectives): Thousands of email addresses and usernames were available on the unsecured server

During further investigation, the researchers also found data related to the site’s internal workings including, server information, OS information, internal resource details, browser information, error logs, access logs, IP addresses, and GPS/location data.

“The leak included data from the site’s forum such as public posts as well as private messages between users,” reads the report by SafetyDetectives. “Although many user messages were available publicly, whether or not users could be identified depends on the data they shared in their correspondence. Many users shared mobile phone numbers, passwords to access other content and highly sensitive information relating to private activities”.

Researchers at SafetyDetectives informed BigFooty about the leak, but due to no response from the BigFooty team, they further contacted Amazon AWS (the service provider) and the Australian Cyber Security Centre.

The Australian Cyber Security Centre then took down exposed servers immediately.

The Impact Of This Data Breach

The information leaked in this breach contained sensitive information such as chat transcripts, email ids, phone numbers of the high-profile users such as Australian police officers and also government employees. It could allow hackers to potentially blackmail any victim or do reputational damage very easily.

“Technical server data and user conversations could be leveraged to obtain further information and, therefore, empower malicious hackers to compromise the server and its users,” said the researchers.

“In terms of website vulnerability, by compromising BigFooty’s server, hackers obtain data that could help compromise other sister sites such as BigCricket.com,” researchers concluded the report.

Share with your friends:

Published by Kanishk Tagade

Founder and Editor at QuickCyber. Kanishk is a cybersecurity enthusiast, security researcher, and an enterprise growth marketer. He's also a community member of the Nasscom community and corporate contributor at many technology magazines and security awareness platforms. He is also a social micro-influencer for cybersecurity, Infosecurity, digital transformation, and artificial intelligence technologies.

Leave a Reply

Your email address will not be published. Required fields are marked *