Too Long; Didn't Read
We have a rather interesting data leak story to share. The company having the vulnerability has more than 5 million users. One of the API endpoints could be used to iterate over all users data including name, phone umbers, email addresses, profile picture, user metadata and saved physical address. The data leak looks fixed now but we have been unable to receive a response or confirmation from them so that we could share this post with them as requested before publishing.