Anthony Kimery reports: Eight airline’s e-ticketing systems can expose passengers’ Personally Identifiable Information (PII) throuvgh a vulnerability using website links that are “easily intercepted by hackers,” according to Wandera, an enterprise mobile security and data management solutions company, in a recent report. “All of the major airlines that we identified are putting passenger data at…
Category: Business Sector
Dozens of companies leaked sensitive data thanks to misconfigured Box accounts
Zack Whittaker reports: Security researchers have found dozens of companies inadvertently leaking sensitive corporate and customer data because staff are sharing public links to files in their Box enterprise storage accounts that can easily be discovered. The discoveries were made by Adversis, a cybersecurity firm, which found major tech companies and corporate giants had left…
Facebook Suit Reveals Ukrainian Hackers Used Quizzes to Take Data from 60,000 Users
Kevin Poulsen reports: Two Ukrainian men used online quizzes to lure more than 60,000 Facebook users into installing malicious browser extensions that exfiltrated their profile data and friends lists to offshore servers, according a federal lawsuit the company filed late Friday. The men, Andrey Gorbachov and Gleb Sluchevsky, allegedly used the browser extensions to overlay…
Citrix discloses security breach of internal network
Catalin Cimpanu reports: American software company Citrix disclosed today a security breach during which hackers accessed the company’s internal network. In a short statement posted on its blog, Citrix Chief Security Information Officer Stan Black said Citrix found out about the hack from the FBI earlier this week. Read more on ZDNet.
That marketing email database that exposed 809 million contact records? Maybe make that two-plus BILLION. (UPDATED: No, don’t. Those claims are not supported)
Update 1: Vinny Troia contacted me to question DynaRisk’s claims. He informs this site that he has all four databases, has all of the data that is in the Dynarisk screenshots, and there is nowheres near 2 billion records. So it seems that this questions is unsettled as yet. DataBreaches.net will be contacting Dynarisk. Update…
AIA Singapore agents’ personal information exposed in apparent data breach
Gabriel Olano reports: AIA Singapore is taking action after the discovery of a potential data breach in which the personal information of 225 of its current and former agents, as well as their family members, was found to be publicly accessible. The insurer is currently running a check on all its systems after it became…