Tunefab music piracy tool leaked hundreds of gigabytes of user data over 24 hours last year
Users of the Tunefab music ripping software could wake up to an identity theft nightmare after experts claimed a database made user data publicly accessible for about twenty-four hours in September 2023.
You might be reading this and thinking there's no story behind this, and you might be right: minimal exposure time and probably minimal damage – but the cache of leaked data is believed to be around 280GB – which is probably quite a lot. data in readable or unencrypted databases.
As a result, we may have to wait a while to see how much damage the leak has caused, via a misconfiguration on database platform MongoDB, even if just for a day.
It's the disclaimer, that's right, the disclaimer
Per exclusive from Cyber newsThis estimate and the discovery of the breach itself come from cybersecurity researcher Bob Diachenko, who warns that, as is often the case with data breaches, the data could be used to build more detailed profiles of users who have been unlucky enough to lose data to be briefly exposed.
While tools like Tunefab work on the basis of 'backing up your music for personal use, wink emoji', and somehow have to barely get away with this due to some legal technicality, like Roadrunner vs. Wile E. Coyote, they are almost certainly in a legal gray area.
This is in no small part because DVDfab – the company behind not only this software package, but also other software packages designed to rip content from physical media and video streaming services – charges for this.
So we cannot endorse them, but from the same perspective we must acknowledge that they exist, that people use them and the problems they can cause.
Buy your copyrighted content from multi-bazillionaire corporations that don't even need your money to function, kids. Better yet, buy your copyrighted content from independent, DRM-free sources so you have something akin to ownership of a digital item. Music piracy sounds cool, but you know what's not cool? That your personal information is being hacked online by dark forces.
What you shouldn't do is try to steal content from an entire service, and if you do Are I'm going to do that (don't subscribe, we don't want to hear about it, la-la-la-la), not do it by giving money to another service, especially not to one with such a terrible track record when it comes to protecting your private information.