NeverSkip Database

In 2021, NeverSkip, a college planning service, suffered a major data breach exposing the personal information of over 5 million users. The leak was caused by an unsecured AWS S3 bucket containing a database containing 5051746 records.

The exposed data included sensitive information such as names, addresses, phone numbers, email addresses, dates of birth, and even financial aid details. The breach also compromised the personal information of students and their parents, including minors.

The breach was discovered by security researcher Anurag Sen, who notified NeverSkip about the vulnerability. The company responded by securing the database and launching an investigation into the incident. However, the exposed data had already been downloaded and shared online by the time the breach was discovered.