A popular photo booth company left private customer photos and videos exposed on the internet. The security flaw was discovered by a researcher in October. The company, Hama Film, has not fixed the issue despite being alerted.
This incident involves booths that upload pictures to company servers. Those files were accessible due to a simple website vulnerability. According to TechCrunch, the data includes images of young people posing in the booths.
Security Researcher Finds Unprotected Server Access
The researcher, known as Zeacer, found the vulnerability in Hama Film’s systems. He reported it to the company and its parent firm, Vibecast, in late October. He received no response to his warnings.
Zeacer provided evidence to TechCrunch showing the exposed media. At one point, over a thousand pictures from Melbourne booths were visible online. The company has franchises in Australia, the UAE, and the United States.
Data Deletion Policy Limits But Does Not Eliminate Risk
Initially, photos were stored for two to three weeks before deletion. The company has since changed this policy. Pictures now appear to be deleted after 24 hours.
This change limits the volume of data exposed at any single moment. However, the core security flaw remains. A malicious actor could still exploit it daily to harvest all new photos and videos.
The situation highlights a failure to implement basic security practices. It mirrors other recent incidents where companies neglected simple safeguards. Rate-limiting and access controls could have prevented this exposure.
The lack of response from Vibecast and Hama Film raises serious concerns. Customers’ private moments were put at risk without their knowledge. As of the latest reports, the data leak vulnerability has not been fully resolved.
This ongoing photo booth data leak underscores a significant privacy failure. Companies handling sensitive personal media must prioritize security. The exposed customer pictures reveal the human cost of such negligence.
Info at your fingertips
Q1: What company had the data leak?
The leak involves Hama Film, a photo booth manufacturer and franchise operator. Its parent company is called Vibecast. The company operates in several countries including Australia and the United States.
Q2: What kind of data was exposed?
The exposed data includes photos and videos taken by customers inside the booths. The images show groups, often young people, posing together. This media was automatically uploaded from the booths to company servers.
Q3: Has the data leak been fixed?
As of the latest reports, the core security flaw has not been fully fixed. The company has shortened how long it stores pictures from weeks to 24 hours. This reduces the amount of data available but does not seal the vulnerability.
Q4: How was the security flaw discovered?
A security researcher using the name Zeacer discovered the vulnerability in October. He found a simple flaw on the company’s website that allowed access to stored files. He reported his findings to the company but received no reply.
Q5: What should affected customers do?
Customers who used a Hama Film booth should be aware their images may have been exposed. They can attempt to contact the company directly, though it has not been responsive. Monitoring for any misuse of personal images is advised.
Q6: Why is this considered a serious breach?
It is serious because it involves private, potentially embarrassing images of individuals. The company failed to implement standard security measures to protect this data. The lack of response to the researcher’s warnings compounds the issue.
iNews covers the latest and most impactful stories across
entertainment,
business,
sports,
politics, and
technology,
from AI breakthroughs to major global developments. Stay updated with the trends shaping our world. For news tips, editorial feedback, or professional inquiries, please email us at
[email protected].
Get the latest news and Breaking News first by following us on
Google News,
Twitter,
Facebook,
Telegram
, and subscribe to our
YouTube channel.
