Passion.io Leak Exposes Data of 3.6 Million Users

A misconfigured database has exposed the personal information of approximately 3.6 million creators using Passion.io, a platform that helps users build custom mobile apps. The unsecured database, left accessible without authentication, reportedly contained sensitive user data, including names, email addresses, and other identifiable information.

The breach was discovered by security researchers who found that the information was publicly available online. It remains unclear how long the data was exposed or whether malicious actors accessed or downloaded the information before the issue was identified.

Passion.io has not publicly confirmed the breach or disclosed details regarding how the security lapse occurred. The exposure highlights ongoing concerns about cloud database misconfigurations and the importance of securing user data in digital platforms.

Hackread, which first reported the incident, urged users to remain vigilant and monitor their accounts for suspicious activity. The company behind Passion.io has yet to comment on the potential impact or any remediation steps taken.