Hackread reports that Chinese Internet-of-Things grow light and agricultural software firm Mars Hydro had 1.17 TB of data containing 2.7 billion records inadvertently leaked by a misconfigured database.
Such a database — which was associated with California-registered company LG-LED SOLUTIONS LIMITED — not only contained Wi-Fi network names and credentials, device IDs, IP addresses, and email addresses but also other sensitive logging, monitoring, and error records for IoT devices around the world, according to an investigation by cybersecurity researcher Jeremy Fowler published on vpnMentor.
Also discovered within the database were API information and URLs linked to LG-LED SOLUTIONS and Spider Farmer, another grow light manufacturer.
While Mars Hydro has already proceeded to secure the exposed database, additional investigation is needed to be certain of its ownership, as well as exposure extent and timespan, said Fowler.
Such a development follows a Palo Alto Networks report detailing the elevated prevalence of vulnerable IoT devices, most of which send unencrypted data.
