Thingiverse Hacked: Has your data been leaked?

If you're using the Thingiverse platform, it's probably worth resetting those passwords

thingiverse hacked

HaveIBeenPwned.com have added Thingiverse to their list of breached websites yesterday, 14th October. Thingiverse is a go too for 3D printing .STL files and hobbyists worldwide, which apparently has some sketchy security protocols.

Thingiverse allows users to upload and download files of 3D models that can be sliced and printed on STL and Resin 3D printers. They have an easy-to-follow license system that makes sure users get credited for their own work which gave them control over creative use for their designs.

Thingiverse sample data set of the leak on a popular hacking forum (Image source: raid forum/ISMG)

Troy Hunt, the creator of Have I Been Pwned, has been trying to reach out to Thingiverse and their New York-based parent company Maker Bot for days before notifying the public of a data breach:

The breach was originally discovered by Pompompurin, an avid cyber researcher, who hasn’t taken to kindly to someone else claiming the discovery to promote their website it seems:

Thingiverse Hacked – How Did It Happen?

Long story short, they left a backup in a public directory. A misconfigured S3 Bucket opened up their cloud environment, which meant the information was publicly readable and exposed to a data breach. FYI, if write privileges were enabled too, malware and encryption methods could have easily held a company like Maker Bot/Thingiverse to ransom.

This is becoming a repeat issue with big businesses with Silicon Valley VC firm Play And Play Ventures having the same issue. Luckily, the Thingiverse data breach didn’t have any full passwords written down, but some date of birth information was present. Just to be safe, we’d recommend logging in and changing your password just to be safe.

For the latest tech news, make sure to bookmark and keep an eye on our News Hub.

You might like this

We're so excited, there's so much new content to watch. You'll need to read it to believe it.
There's even a budget option available, here's everything you need to know
You've played as the silent, 7-foot tall unstoppable force, now put him in your PC to run Halo Infinite

Share this article

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Tech Writer
at
PC guide
With over five years of experience in games and tech journalism, Reggie brings his own brand of approachability and knowledge to the PC Guide brand. previous bylines include Vodafone Global, Gfinity, The Sixth Axis, and Techstomper.

Independent, transparent, rigorous and authentic, our reviews are the most thorough and honest in PC gaming. Learn about our review process.

Leave a Comment

This site is registered on wpml.org as a development site.