Y
Hacker News
new
|
ask
|
show
|
jobs
by
Alex3917
2156 days ago
Ideally they'd report it so that password managers could warn everyone, but with just the database URI there isn't necessarily any obvious way to know what domain or business its associated with.
2 comments
GekkePrutser
2156 days ago
Doesn't really matter, as long as the credential is exposed, users can be warned. No matter where it came from.
link
wtracy
2156 days ago
If the attacker can write to the DB, then they can add entries to every table with the string "Hey your database is unsecured!"
link