A photo booth company specializing in weddings and events, Curator Live, has exposed a significant number of photographs taken during these occasions. The images, which often depict participants in moments of hilarity and sometimes in a state of inebriation, were accessible to anyone due to a vulnerability in the company's storage system.

Details of the Breach

A security researcher, who preferred to remain anonymous, discovered the flaw and alerted 404 Media. According to the researcher, Curator Live has not responded to his reports. The exposure also includes phone numbers, further aggravating the privacy violation.

Privacy Implications

The incident raises serious concerns regarding the collection and storage of personal data, even in seemingly innocuous contexts such as weddings and private parties. The researcher emphasizes that data is retained by third parties without the explicit consent of those concerned, violating expectations of privacy.

Volume of Exposed Data

It is estimated that at least 100GB of photographs have been exposed. 404 Media reviewed a smaller sample, confirming the presence of images from weddings, engagement parties, and even a NASA-branded event. In some cases, it is possible to link phone numbers to the people depicted in the photos.

Lack of Response

The researcher shared with 404 Media a copy of an email sent to Curator Live in November, detailing the issue. Despite this, he never received a response. Curator Live also did not respond to 404 Media's request for comment.