In today’s world we have become more and more connected to Internet services, software, and hardware devices.
We share our information with our banks, medical institutions, and employers. We share our information with smartphones, smart TVs, smart watches, and other “smart things” in our homes, which usually retain our information in the remote databases outside our control. These technologies are deeply integrated into our lives and, in many cases, we have become dependent on them, making us vulnerable when the technology fails or our information is not properly protected.
We conduct security research to locate any data exposures in the databases of various companies, organisations, and institutions.
Typically we use the Shodan search engine to locate unprotected Internet-connected devices. This search engine is publicly accessible, and allows researchers to identify devices and databases that are connected to the open Internet without any password protection or other technological barriers to safeguard the data stored in them. We do not crack passwords or authentication processes or use any other hacking tricks.
Once we discover a publicly exposed database, we report our findings according to the following guidelines:
- When appropriate, we provide details of the data exposure to the company, organisation, or institution that failed to protect itself.
- We do not modify the data we found.
- We allow entities time to remedy the data exposure prior to making any details available publicly that would otherwise cause further risk.
- We do not transfer any data to any third parties.
Why do we do this?
Here, in the Security Research Center, we do our best to:
- Help businesses build better security by identifying data leaks, and
- Raise public awareness to the dangers related to data breaches and security risks in the connected world.
In case you have any comments, tips or suggestions please contact: email@example.com