Read at TechCrunch
Nevada software startup Dexiga left an exposed database without a password, allowing anyone with the IP address to access customer data for the My WinStar app.
Anurag Sen, a security researcher, found the database and shared it with TechCrunch.
The exposed data includes personal information such as names, phone numbers, addresses, and gender, but some sensitive data was redacted. The database also revealed an internal user account and password associated with Dexiga's founder.
TechCrunch confirmed the source of the database by downloading the My WinStar app and signing up.