User information for the open-source social networking software Mastodon is currently being exposed by an active Elasticsearch server that is not associated with the software. The server is scraping posts and public account information and over 150,000 Mastodon users have been affected thus far. Security researcher Anurag Sen discovered the server on November 15th and said he was unsure how long it had been operating and collecting data. Affected information includes account names, display names, profile pictures, following count, follower count, and last status update. Since the owner of the server is unknown at this time, the number of users who are affected will likely increase.
Analyst Notes
At this time, email addresses and passwords of Mastodon users have not been affected. This could change in the future depending on the server owner’s intent and capability. Mastodon users should remain vigilant and cautious about what they post on the platform.
Leaky Server Exposing Scraped Data of 150,000 Mastodon Users
