alwaysdata All Projects: Tasklist

	ID	Status	Summary	Opened by
	~~193~~	Closed	~~Data Leak \| Critical \| Access to Database~~	b1bikua	Task Description Subject: Responsible Disclosure: phpMyAdmin Credentials Leak on Dark Web – alwaysdata.com ===Dear Alwaysdata Security Team,=== We are cybersecurity researchers focused on protecting organizations from real-world threats. During one of our routine dark web intelligence sweeps using our automated threat investigation tool, we discovered a data leak containing phpMyAdmin dashboard credentials associated with the alwaysdata.com infrastructure. ==Summary== I didn't chnaged anything on database and etc. Just log-in to test for validity and PoC for screenshot —-117397_powerbach:PowerBache$2021 Leak Type: Database credentials leak Component Affected: phpMyAdmin Dashboard Exposure Level: Public (Dark Web & Cracking Forums) Discovery Method: Automated threat monitoring (self-developed tool) Details of the Finding Platform Leaked: phpMyAdmin Host Reference: alwaysdata.com (exact subdomain redacted for security) Credentials Disclosed: Username and password in plain text Source: Publicly indexed in a known data-sharing/cracking forum on the dark web Time of Leak: Recently uploaded within the last 30 days How We Discovered Our self-hosted automation tool aggregates and analyzes leaked credential dumps, API keys, and admin panel accesses across various dark web marketplaces, forums, and paste services. The tool flagged this leak due to: Match with "phpmyadmin" in URLs or titles Reference to *.alwaysdata.com Valid credential format Potential Impact Database exposure: If valid, attackers may access sensitive databases Privilege escalation: Access to other internal systems is possible Brand damage: Public exploitation could harm company reputation Compliance concerns: May trigger GDPR or similar obligations == Recommendations== Rotate any potentially exposed credentials immediately Audit access logs for signs of unauthorized use Restrict access to phpMyAdmin behind VPN or IP whitelisting Enable rate limiting and two-factor authentication Monitor for further credential leaks or suspicious behavior We believe in responsible disclosure and do not exploit or share leaked data. Our goal is to help companies secure themselves before attackers act. We’re happy to provide further technical details or help validate remediation efforts. Please confirm receipt of this report. If you have a vulnerability disclosure or bug bounty program, we’d appreciate being considered for recognition. Findings:

~~193~~

Closed

~~Data Leak | Critical | Access to Database~~

Task Description

Subject: Responsible Disclosure: phpMyAdmin Credentials Leak on Dark Web – alwaysdata.com

===Dear Alwaysdata Security Team,=== We are cybersecurity researchers focused on protecting organizations from real-world threats. During one of our routine dark web intelligence sweeps using our automated threat investigation tool, we discovered a data leak containing phpMyAdmin dashboard credentials associated with the alwaysdata.com infrastructure.
==Summary== I didn't chnaged anything on database and etc. Just log-in to test for validity and PoC for screenshot —-117397_powerbach:PowerBache$2021 Leak Type: Database credentials leak
Component Affected: phpMyAdmin Dashboard
Exposure Level: Public (Dark Web & Cracking Forums)
Discovery Method: Automated threat monitoring (self-developed tool)
Details of the Finding Platform Leaked: phpMyAdmin Host Reference: alwaysdata.com (exact subdomain redacted for security)
Credentials Disclosed: Username and password in plain text
Source: Publicly indexed in a known data-sharing/cracking forum on the dark web
Time of Leak: Recently uploaded within the last 30 days

How We Discovered

Our self-hosted automation tool aggregates and analyzes leaked credential dumps, API keys, and admin panel accesses across various dark web marketplaces, forums, and paste services. The tool flagged this leak due to:
Match with "phpmyadmin" in URLs or titles
Reference to *.alwaysdata.com
Valid credential format

Potential Impact

Database exposure: If valid, attackers may access sensitive databases
Privilege escalation: Access to other internal systems is possible
Brand damage: Public exploitation could harm company reputation
Compliance concerns: May trigger GDPR or similar obligations
==
Recommendations==

Rotate any potentially exposed credentials immediately
Audit access logs for signs of unauthorized use
Restrict access to phpMyAdmin behind VPN or IP whitelisting
Enable rate limiting and two-factor authentication
Monitor for further credential leaks or suspicious behavior

We believe in responsible disclosure and do not exploit or share leaked data. Our goal is to help companies secure themselves before attackers act.
We’re happy to provide further technical details or help validate remediation efforts.
Please confirm receipt of this report. If you have a vulnerability disclosure or bug bounty program, we’d appreciate being considered for recognition.

Findings:

Showing tasks 1 - 1 of 1 Page 1 of 1

All Projects

Subject: Responsible Disclosure: phpMyAdmin Credentials Leak on Dark Web – alwaysdata.com

How We Discovered

Potential Impact

Available keyboard shortcuts

Tasklist

Task Details

Task Editing

All Projects

Subject: Responsible Disclosure: phpMyAdmin Credentials Leak on Dark Web – alwaysdata.com

**How We Discovered**

Potential Impact

Available keyboard shortcuts

Tasklist

Task Details

Task Editing

How We Discovered