Users of the Tunefab music ripping software suite could be waking up to an identity theft nightmare after experts claim a database left user data publicly accessible for approximately twenty-four hours in September 2023.
You might be reading this and thinking there’s no story here, and you might be right: minimal exposure time and probably minimal damage, but the cache of leaked data is supposed to be around 280GB, which is probably quite a lot. data in plain text or unencrypted databases.
As a result, we may have to wait a while to see how much damage the leak has caused, due to a misconfiguration on the MongoDB database platform, even if it was just for a day.
It’s the disclaimer, that’s right, the disclaimer.
According to a Cybernews exclusive, this estimate and the discovery of the leak itself come from cybersecurity researcher Bob Diachenko, who warns that, as is often the case with data breaches, the data can be used to create more detailed profiles about the users who I have had the misfortune that the data is briefly stated.
While tools like Tunefab operate on a “back up your music for personal use, wink emoji” basis and somehow have to get their way on some legal technicality like Roadrunner versus Wile E. Coyote, They are almost certainly in a difficult situation. legal gray area.
This is because, among other things, DVDfab, the company behind not only this software package but others designed to extract content from physical media and video streaming services, charges for them.
So, we cannot support them, but, from this same perspective, we have to recognize that they exist, that people do use them and the problems they can cause.
Buy your copyrighted content from multi-million dollar companies that don’t even need your money to operate, kids. Better yet, purchase your copyrighted content from independent, DRM-free sources, to have something resembling ownership of a digital item. Music piracy sounds good, but you know what it isn’t? Have your personal data leaked by dark forces online.
What you shouldn’t do is try to steal content from a service, period, and if are let’s do that (don’t write, we don’t want to hear about it, la-la-la-la), don’t do it by giving money to another service, especially one with such an abysmal track record when it comes to safeguarding your private data.
