Zack Whittaker reports: Urban Massage, a popular massage startup that bills itself as providing “wellness that comes to you,” has leaked its entire customer database. The London, U.K.-based startup — now known as just Urban— left its Google-hosted ElasticSearch database online without a password, allowing anyone to read hundreds of thousands of customer and staff…
Category: Business Sector
UK’s ICO fines Uber £385,000 over data protection failings
The monetary penalties levied against ride-sharing giant Uber for covering up a 2016 breach continue to mount. From the ICO’s office: The Information Commissioner’s Office (ICO) has fined ride sharing company Uber £385,000 for failing to protect customers’ personal information during a cyber attack. A series of avoidable data security flaws allowed the personal details…
Data Protection Authority of Baden-Württemberg Issues First German Fine Under the GDPR
Here’s a more detailed analysis of the GDPR fine of 20,000€ levied against a German flirting site, knuddels.de. Dr. Henrik Hanssen and Dr. Stefan Schuppert write: In the first fine issued by a German data protection authority under the European General Data Protection Regulation (“GDPR”), on 21 November 2018 the authority of the German state…
Noida: Two leak legal firm’s data to former employee, held
TNN reports: Two business associates of a legal service provider have been arrested for allegedly leaking confidential data of the company and its clients, mostly based abroad, to a former employee. Officials of the company said they came to know that Umar Ikhlaq, who had resigned from the firm to join another Mumbai-based company in…
Brazilian personal data was exposed….. again
Bob Diachenko recently reported on yet another massive data exposure: On November 12th, when auditing the search results for open/exposed Elasticsearch databases with Binaryedge.ioplatform, we have found what appeared to be a collection of personal records compiled by FIESP, the Federation of Industries of the State of São Paulo. FIESP is the largest class entity…
PageUp investigation found no evidence of data theft, company says
Rohan Pearce has an update to a breach that was first disclosed in June, 2018: HR software company PageUp says that a forensic expert it engaged to examine its systems has found “no specific evidence” that data was stolen during a security breach earlier this year. Read more on Computerworld.