Tell HN: Fiverr left customer files public and searchable

What happened

It has been reported that a Hacker News user discovered customer files from Fiverr were publicly accessible and even indexed by search engines. The Tell HN post alleges a range of documents and deliverables were left exposed on URLs that did not require authentication. Ouch. For a marketplace built on trust between clients and freelancers, that’s a gut punch.

Details

According to the thread, the exposed material could be found via simple web searches and direct links — evidence, it is alleged, that default protections or indexing rules were misconfigured. Users in the discussion shared screenshots and tests; others tried to reproduce the issue and debated scope and severity. There’s no public, verified tally of affected files yet, and it has been reported that the company’s official response in the thread was limited or absent at the time.

Why it matters

This isn’t just a one-off embarrassment. Misconfigured cloud storage and lax indexing settings have tripped up companies before, and the stakes here are privacy, reputation and potential legal exposure. Clients share sensitive briefs, proprietary assets and sometimes financial details. How many people will think twice before uploading the next confidential file? Fiverr — and every gig platform — now has a clear reminder: lock the doors and check the windows.

Sources: Hacker News