Weixin.qq.com

WeChat which belongs to Tencent and uses the weixin.qq.com domain experienced a significant data exposure incident involving a massive database of user records. The incident surfaced when security researchers discovered an unsecured ElasticSearch cluster containing over one billion records. The exposed data included sensitive user communication logs, metadata, and profile information. This exposure was not a direct hack but rather a server misconfiguration that left millions of private conversations accessible to the public internet without any password protection.