SteveHawkins
Suspicion of data leak from Railway app MySQL DB
I don't know if it would come from a data leak or a clause in the contract that allows Railway to sell datas, but something really strange happened and I think comes form my use of Railway.
So for the context I developed a box-office platform for a theater company. I wanted to offer a friend tickets for a show and I followed the shopping process myself so he only gets the final ticket and no insights on the price, whatsoever. During the first half of the process, to receive the bill myself, I put HIS booking name and MY email address.
But I just received a phishing spam on my mailbox, with his name. I see no way those two associations could have been done, except for that time I used his name with my email address.
My db is only stored on Railway side, I have no other connection done to it, and I was on my private network so I can't imagine any sniffing.
Do you see anything I could investigate on my side ? Could it be a data leak from Railway ? Is there a clause I've been missing ?
If i'm in the wrong section, let me know and I'll move my post 😉
Thank you for your help 🖖
6 replies