March 30 researchers from Kromtech Security found in the network database of 25,000 investors, open to public viewing, containing full names, residential address, email addresses, encrypted passwords, information about the purses and also links to scanned passport, driver’s license and other identifiers in more than. The information collected by the project Bezop, was discovered in the MongoDB database and was not in any way protected.
On the project website Bezop John McAfee is listed as the Advisor. The startup is developing a blockchain e-Commerce platform, which John praised in his Twitter as “a distributed version of the Amazon.com”:
ICO of the week: BEZOP.IO. Bezop is a distributed version Amazon.com that allows you to simply and securely create e-Commerce sites with features like search in Amazon, but no Amazon as an intermediary. Once in the world of blockchain, the platform can grow to global dimensions.
In addition Bezop also added its own crypto currency called “Bezop Tokens”.
During the ICO, which ended January 10, 2018, Bezop launched its first Bounty program in which people earn Tokens Bezop in exchange for the promotion of the project in social networks and forums, using a verified signature Bezop.
One of the tables in an unsecured database was named “Bounty” and could contain information about people who invested and participated in this program.
Posting of personal information early investors — not the best start for any project. In fact, it is difficult to understand how this could happen, even if by mistake. Considering setting up MongoDB, you will need to manually select public access.
At the time of writing, the team was notified about the discovered database, but did not give any comments.