The CyberNews investigations team discovered an unsecured data bucket that belongs to Panion, a Swedish software company. The unprotected bucket contains more than 2.5 million user records, including full names, email addresses, genders, interests, location coordinates and last login dates, as well as selfies and document photos.
The files containing the records were left on a publicly accessible Amazon Web Services (AWS) server, allowing anyone to access and download the data.
After we contacted Amazon regarding the exposed Panion bucket, access to files containing user data was disabled.