A significant data breach at Forces Penpals, a social networking and dating service for military personnel and their supporters, exposed more than 1.1 million records.
The breach was discovered by cybersecurity researcher Jeremiah Fowler, who reported the issue to vpnMentor. The exposed database, left unprotected and unencrypted, contained 1,187,296 documents, including user images and sensitive proof-of-service documents.
The leaked information included names, addresses, Social Security Numbers (US), National Insurance Numbers (UK), military service details, and personal photos. Forces Penpals acknowledged the breach, attributing it to a coding error that routed documents to an incorrect storage bucket with debugging features left active.
While public access to the data was restricted promptly after disclosure, it remains unclear how long the database was exposed or if it was accessed by malicious actors.
This breach highlights potential security and privacy risks for military personnel, particularly those on active duty or with security clearances. Leaked service details could create risks of identity theft, phishing attacks, or even national security concerns.
Forces Penpals, which serves over 290,000 users across the US and UK, must now confront the implications of this exposure and enhance its security measures.
Bijay Pokharel
Related posts
Recent Posts
Subscribe
Cybersecurity Newsletter
You have Successfully Subscribed!
Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox. You are also consenting to our Privacy Policy and Terms of Use.