A security researcher, Jeremiah Fowler, discovered an unprotected database containing over 240,000 records belonging to Willow Pays, a US-based FinTech company specializing in bill payment services. The exposed data included sensitive information such as names, emails, credit limits, internal billing details, repayment schedules, and account inconsistencies. Fowler warned that such information could be exploited for phishing attacks or unauthorized account access. After his responsible disclosure, Willow Pays restricted public access to the database, though the extent of data compromise remains unknown. This incident underscores the rising threat of cyberattacks on financial institutions, prompting experts to call for robust security measures like encryption, regular audits, and advanced authentication technologies. Continue here.
