Another day, another misconfigured MongoDB database installation. This one, uncovered by RiskBased Security, involved Udemy‘s Talentbuddy.co. RBS writes: In total, there have been 38,791 users accounts from the talentbuddy.co website and a further 22,761 users from the Talentguide.co website exposed, with usernames, email addresses, passwords, Linkedin profile information, and other site-related information such as registration dates,…
Category: Business Sector
Nulled.io crime forum breach could cause a world of pain for members
Dan Goodin reports: A website that openly facilitated the brokering of compromised passwords, stolen bitcoins, and other sensitive data has been hacked, exposing login data, IP addresses, e-mail addresses, purchase histories, and private messages for some 500,000 members. Nulled.io, a hacker forum that used the tagline “expect the unexpected,” was compromised earlier this month in…
Nostalgic for a backup drive breach? Here it is…
The days of backup drives with unencrypted information being stolen from unattended vehicles is not totally a thing of the past. On April 26, New Hampshire Distributors, LLC notified the state attorney general’s office that a stolen backup drive contained information on 924 New Hampshire residents. The total number of individuals affected was not disclosed. It’s…
Double whammy: Avention investigating two data breaches involving employee info
Massachusetts-based Avention, formerly known as OneSource Solutions, is investigating two recent data breaches that may, or may not, be the work of the same criminal(s). In a letter to the New Hampshire Attorney General’s Office, their external counsel provides a chronology of events, beginning with reports by some employees on April 19 that their tax returns had been rejected because…
Besa Mafia: Hitman For Hire Site Hacked, Data Dumped
RiskBased Security writes: News reports of websites being hacked and data being leaked has become an all too common occurrence. Most of the press focuses on popular or well known sites, rarely touching on leaks from sites that reside in the recesses of the “deep web” or “dark web”, accessible only by means such as…
KY: Business Owner Pleads Guilty To Wire Fraud For Stealing $809,205.43 From Victims
Did no one check their bank statements to see that they were having deductions made that they hadn’t approved? Or did they? Mark Allen Hartley, the owner of Patriot Computers, a Virginia corporation, entered pleas of guilty today, in United States District Court, before Chief Judge Joseph H. McKinley Jr., to multiple wire fraud charges…