Here’s a follow-up to a data leak incident that may have escaped our attention as the pandemic was absorbing a lot of attention and the news cycle in April:
More than 620 claimants have come together to file a joint lawsuit against an IT firm which exposed personal data of more than 337,000 voters in a security breach exposed last April.
[…]
A database belonging to C-Planet IT Solutions Ltd, which included personal data belonging to 337,384 voters, was left exposed online in what the company described as a mishap involving “old” data. Data included names and surnames, ID card details, phone numbers and addresses of voters.
Read more on Times of Malta.
By backtracking in news searches, it seems that the firm had stored an unprotected copy of the electoral list of people eligible to vote in 2013. The list was indexed by Google and exposed online for more than one year before it was first reported on Twitter by @0xyzq (Alex Gor) on February 29 of this year.