Blur Password Manager Exposes 2.4 Million Users
Return To ArticleAbine Inc., the company behind the Blue password manager and DeleteMe privacy-protection service, has admitted that it accidentally exposed data relating to 2.4 million users on a misconfigured Amazon Web Services Inc. instance.
The company made the announcement on Dec. 31, making it the last AWS storage issue of the year. The file with user data was discovered on Dec. 13.
The data in the file related to Blur users who had signed up prior to Jan. 6, 2018, and included usernames, emails, password hints and the last and second-to-last IP addresses that were used to log in to Blur.
Passwords were also in the file but were encrypted for every user. The security key was not included in the exposed document.
