An account-by-account analysis of a random selection of more than 300 records suggested that this was live user data," Diachenko said. According to MacKeeper, the exposed MongoDB database instance contains more than 1.5 million user records. MacKeeper still has a copy of the database and has notified the Auckland company of the data breach, the company said. Data breach notifications are currently voluntary, the OPC said, something that is likely to change next year and become mandatory, the spokesperson said. When data breaches occur currently, the OPC refers organisations to its online Data Safety Toolkit for advice.

Source: New Zealand Herald October 07, 2016 00:00 UTC