Close this search box. white logo

CloudDefense.AI Discovers Unsecured Database of a Higher Education Social Platform, Exposing Sensitive Personal Data of Millions

Higher education institutions have embraced online platforms to facilitate communication and collaboration among students, faculty, and alumni. However, with convenience comes risk, and this risk has been starkly highlighted by a recent discovery made by CloudDefense.AI.

The Unsecured Database: How Did It Happen?

An unsecured database containing personal information of millions of users of a higher education social platform was recently discovered by a security researcher. The social platform, formerly known as CampusKudos and now called PeopleGrove, left an internal database exposed to the internet without a password, allowing anyone with knowledge of its IP address to access the data using a web browser.

Database Exposed

The exposed database contained gigabytes of personal information, including email addresses, phone numbers, addresses, details of university achievements and scores, and resumes containing detailed work histories and employment details. Shockingly, none of the exposed data was encrypted, making it easy for anyone to access and steal sensitive personal information.

CloudDefense.AI Discovers Unsecured Database of a Higher Education Social Platform, Exposing Sensitive Personal Data of Millions

CloudDefense.AI’s Discovery and Response

CloudDefense.AI security researcher, Anurag Sen, discovered the database on Thursday and immediately contacted TechCrunch, who then notified PeopleGrove. The server hosting the database became inaccessible soon after.

PeopleGrove’s Chief Technology Officer, Reilly Davis, confirmed that the database was for their development servers and that most of the data was non-production test data. However, it’s still unclear why the test database contained real people’s information, and the company is currently investigating how and why the database became accessible from the internet.

TechCrunch Verified

TechCrunch verified the exposed data by matching contact information using public records, social media profiles, and career social networks like LinkedIn. Shockingly, some of the exposed information included details of a user’s former top secret security clearance and personal contact information, including home address, personal email, and phone number.

PeopleGrove’s Website Claim

At the time of discovery, the database had more than 25 million logs, while PeopleGrove’s website claims to have more than 20 million users. PeopleGrove’s CTO, Davis, has promised to notify affected users “if we do find their sensitive data was exposed” and said that the company has implemented logging within its Google Cloud environment to determine what data may have been accessed or exfiltrated.

This recent incident highlights the importance of proper security measures when storing sensitive personal information. It also serves as a warning to companies to regularly check and monitor their databases for any vulnerabilities that could lead to data breaches.


The unsecured database discovery by CloudDefense.AI serves as a stark reminder of the vulnerabilities in our digital world. Data security is not an option but a necessity. It underscores the need for companies to regularly audit and monitor their databases for vulnerabilities that could potentially lead to devastating data breaches. As we navigate an increasingly interconnected digital landscape, safeguarding personal data must remain a paramount priority for all organizations.

Related Articles:

  1. CloudDefense.AI exposes security flaw in breast pump company’s data storage, leaving millions of documents at risk
  2. CloudDefense.AI Discovered Yes Madam’s Security Breach, Exposing Sensitive Data of 900,000 Customers and Gig Workers
Blog Footer CTA
Table of Contents
favicon icon
Are You at Risk?
Find Out with a FREE Cybersecurity Assessment!
Picture of Abhishek Arora
Abhishek Arora
Abhishek Arora, a co-founder and Chief Operating Officer at CloudDefense.AI, is a serial entrepreneur and investor. With a background in Computer Science, Agile Software Development, and Agile Product Development, Abhishek has been a driving force behind CloudDefense.AI’s mission to rapidly identify and mitigate critical risks in Applications and Infrastructure as Code.
Protect your Applications & Cloud Infrastructure from attackers by leveraging CloudDefense.AI ACS patented technology.

579 University Ave, Palo Alto, CA 94301

Book A Free Live Demo!

Please feel free to schedule a live demo to experience the full range of our CNAPP capabilities. We would be happy to guide you through the process and answer any questions you may have. Thank you for considering our services.

Limited Time Offer

Supercharge Your Security with CloudDefense.AI