K7Maths Database

On June 9, 2019, a misconfigured MongoDB database exposed sensitive data belonging to K7Maths, an online education platform. The leak contained 1,077,930 records, potentially impacting a significant number of users.

The leaked data included personally identifiable information (PII) such as names, email addresses, phone numbers, and birth dates. It also contained sensitive information about students academic performance, including test scores and grades. The exposed database was unsecured and accessible to anyone with an internet connection.

The leak was discovered by Bob Diachenko, a security researcher who regularly scans for exposed databases. Diachenko notified K7Maths about the breach, and the company promptly took action to secure the database and prevent further unauthorized access. K7Maths also launched an investigation into the incident and notified affected users about the leak.