Bad surprise for users of the Russian telephone company Megafon, who had used the online service to send messages in recent weeks. Around 8 private text messages, including dates and telephone numbers, were in fact visible online through the Russian search engine Yandex.
The cause of the data loss appears to be due to the mistaken removal of a robots.txt file. When the search engine's browser plug-in sent individual page URLs to search engines for indexing, the absence of the security file led to the disclosure of personal data.
Also a misconfiguration of robots.txt was the basis of a second leak of sensitive data involving users of online stores in Russia and Ukraine listed by Yandex, Google and other search engines. Because the file did not include instructions to prevent pages containing personal data from being indexed, information about buyers' names, product prices, IP addresses, and buyers' domiciles was made available.
For more information: Rt
