Zack Whittaker reports: Popular animated avatar creator app Boomoji, with more than five million users across the world, exposed the personal data of its entire user base after it failed to put passwords on two of its internet-facing databases. The China-based app developer left the ElasticSearch databases online without passwords — a U.S.-based database for its international…
Category: Business Sector
AU: Thousands affected in ActewAGL and Icon Water mail-out privacy breach
Jasper Lindell reports: ActewAGL has confirmed 400 electricity, gas and water customers have received bundles of bills addressed to other utility customers in a massive privacy breach affecting 6000 customers in the ACT and NSW. ActewAGL notified the Privacy Commissioner of the breach after it became aware of the mistake on Wednesday and had set up…
ASI Computer Systems notifies customers after discovering support site compromise of login credentials
ASI Computers is notifying some of their customers after discovering on November 1, 2018 that usernames and passwords on a support web site had been hacked prior to December 2016. From their notification to California: ASI confirmed which credentials had been exposed by the following day, November 2, 2018. ASI determined the affected credentials related…
Ticketmaster tells customer it’s not at fault for site’s Magecart malware pwnage
From the maybe-if-we-just-say-it’s-not-our-fault? dept, Gareth Corfield reports: Ticketmaster is telling its customers that it wasn’t to blame for the infection of its site by a strain of the Magecart cred-stealing malware – despite embedding third-party Javascript into its payments page. In a letter to Reg reader Mark, lawyers for the controversy-struck event ticket sales website said that Ticketmaster “is…
Amsterdam data leak identifies secret AirBnB complaints
Janene Pieters reports: A data leak affecting the municipality of Amsterdam revealed the names and addresses of residents upset about the city’s home share policy. In one case a phone number was also leaked, AT5 reports. The data was not recorded on the municipality’s website in an unrecognizable way, according to the Amsterdam broadcaster. Around…
R.I. pension system sues Google for not disclosing breach
Donita Taylor reports: Rhode Island is suing the parent company of Google for hiding a security breach that affected 52.5 million users, state General Treasurer Seth Magaziner stated in a news release Tuesday. “Google had an obligation to tell its users and investors that private information wasn’t being protected,” Magaziner stated in the release. […]…