A important facts leak has impacted the LectureNotes discovering application, leaving in excess of two million users’ private facts uncovered thanks to a misconfigured databases. Set up in 2017, LectureNotes has been at the forefront of supplying on the web notes to undergraduate college students.
The system, obtainable across world wide web, Android, and iOS platforms, presents a myriad of expert services which include handwritten notes by means of LectureNotes, are living understanding through LecturePrime, AI-pushed material personalization by using LectureRooms, institutionalized classes by way of Lecture Academy, and video clip conferencing infrastructure by means of LectureRemote.
A single of LectureNotes’ core objectives, in accordance to the company, is to foster localised understanding ecosystems via a community-constructing method. The system offers a consumer base of about 2 million and a staggering 3 million pages of material.
In December 2023, Cybernews researchers stumbled on a misconfigured MongoDB database joined to LectureNotes.
The database was observed to be updating in actual-time and inadvertently divulged delicate person and administrative information.
A staggering 2,165,139 person records ended up exposed, comprising a trove of private aspects, which includes usernames, whole names, e mail addresses, encrypted passwords, cellphone quantities, IP addresses, user-agent data, and session tokens.