CyberWarNews.info has the exclusive on this one:
Creditseva has been in the headlines before for the wrong reasons after security researcher Chris Vickery discovered that they had failed to secure a s3 instance which left tens of thousands personal details exposed.
Moving on months later and it has come to my attention that Creditseva has now come under attack by various hackers, one of which has managed to gain access to s3 buckets as well as rooting their server and defacing the website, not just once but twice.
[…]
The breach started just before the end of in November 2017 after a user on raid forums posted a small dump of information.
Another well known hacker using the twitter alias Taylor has managed to gain access to creditseva main website server and a copy of the s3 bucket credentials. The credentials allowed the hackers to gain access to the s3 buckets that have the same information that researcher chris vickery had discovered months back and to prove this Taylor has provided cyberwarnews.info some of the data from the s3 buckets.
Read more on CyberWarNews.info. Given that this is a credit loan site (headquartered in India, with offices in Singapore), the hack of so much unsecured personal information is concerning. After reviewing the data, Lee reported that
Each folder contains a .txt file that hold that individuals personal information include names, contacts, passports, addresses, financial and other loan related information. Some of the folders also contain a copy of that individuals passport and identification.
Lee attempted to notify the firm, who appeared to be already aware that they had a problem, but there has been no response to CWN from the firm as yet.