Xuexi.cn

In early 2019 security researchers discovered an unprotected ElasticSearch database containing personal information from the Xuexi Qiangguo mobile application. The platform which is used for political education and propaganda in China exposed sensitive details of millions of users due to a server misconfiguration. The incident highlighted significant privacy risks associated with mandatory state applications as the exposed data included user activity and identity markers. No evidence of a direct hack was found but the open nature of the database allowed unauthorized access to anyone with the correct IP address.