Post AZtFr8bLgi4r1uf12e by admin@mastodon.tech
 (DIR) More posts by admin@mastodon.tech
 (DIR) Post #AYfXUcM0FHOKB9eN2u by admin@mastodon.tech
       2023-08-12T22:52:34.771253Z
       
       1 likes, 0 repeats
       
       — Data Leak Existed for at Least 3 Months On #Mastodon —According to the service, they registered that the misconfiguration existed on February 24. Subsequently, it is said to have taken only half an hour to fix the error. However, the question arises as to how long criminals had access to the exposed data. The service itself suspects that it existed since February 2. However, a user of the social network gives a different information. He reported that his data had already been exported on December 5. If this is the case, the leak would have lasted for more than three months. However, Rochko contradicted this information.The CEO also revealed the exact number of people affected. If you add the users of Mastodon.social with those of Mastodon.online, which was also affected, you get more than 6,000 users. In addition, it was human error that led to the misconfiguration. The wrong setting was also found in other channels of the service. Of course, it was corrected there as well. Rochko told colleagues at Golem.de that no evidence of data access could be found in the archives. Nevertheless, access cannot be ruled out with absolute certainty.SOURCE: https://basic-tutorials.com/news/major-data-leak-from-mastodon/
       
 (DIR) Post #AYfhkte4iskjyyVKbo by raymondpert@mstdn.social
       2023-08-12T23:12:56Z
       
       1 likes, 1 repeats
       
       @admin Major data leak from Mastodon>Apparently, third parties have even gained access to direct messages.https://basic-tutorials.com/news/major-data-leak-from-mastodon/ #mastodon #security #privacy
       
 (DIR) Post #AYfhkuVbVrZSezY52m by leighms@mastodonapp.uk
       2023-08-12T23:38:57Z
       
       1 likes, 1 repeats
       
       @raymondpert @admin Unless I'm missing something, what data is there to leak?Someone could get my email address. Judging by the ton of spam I get it is pretty much out there.Most people don't use their real name, and no phone number or address details are stored.I know this system isn't encrypted so wouldn't send sensitive information on it.Nice it's been spotted and fixed. My pants were never in danger of getting soiled.
       
 (DIR) Post #AZtFr8bLgi4r1uf12e by admin@mastodon.tech
       2023-09-18T11:33:00.250836Z
       
       0 likes, 0 repeats
       
       Good point 👍 I guess the hope is to use Mastodon for more secure transactions in the future but the data-leak reveals it’s not ready