Zack Whittaker reports: A popular hentai porn site that promises anonymity to its 1.1 million users left a user database exposed without a password, allowing anyone to identify users by their email addresses. You might not have heard of Luscious.net unless you’re into hentai and manga porn but it’s one of the most popular websites…
Category: Breach Incidents
Ugh. Amazon buckets with 1.8 million pharmacy-related files and 1.2 million telemarketing recordings about diabetic supplies found unsecured
Copies of fax cover letters from three pharmacies found exposed in an unsecured Amazon s3 bucket Faxes reveal patients’ names, addresses, dates of birth and their medications and doctors’ names Audio recordings in the second unsecured bucket reveals marketers claiming to represent firms that do not appear to exist as they try to get consumers…
New malware Xwo can swipe all your credentials at once
What Xwo Does Xwo is not your typical ransomware that holds your data hostage nor cryptocurrency miner that takes command of your processing power for its own devices. Instead it scans systems looking for saved credentials and exposed services. Everything it finds, it sends back to the control server. Xwo is not the thief stealing…
Hacker site’s incriminating database published online by rival group
Dan Goodin reports: Hackers from Raidforums recently breached the site of rival hacking forum Cracked.to and spilled data for more than 321,000 of its members. The hackers did so while some of their victims were discussing cracking Fortnite accounts, selling software exploits, and engaging in other potentially illegal activities. In all, the dump posted on…
Sweet Chat: Chinese ‘Tinder’ with 10M users, exposed chats and private photos
Darryl Burke wrote: Sweet Chat, an Android based chatting and photo sharing application with over 10 million users, has been exposing its users chat content, and photos on an unsecured server. By using common MQTT related tools anyone can view real-time, the chats and private photos of all online Sweet Chat users. Review of the…
Do your office staff and answering service know how to respond to a notification?
Over the years, there have been numerous occasions when I’ve called a doctor’s office or service to alert them to a data leak or HIPAA breach. In some cases, I’ve reached office staff. In other cases, it may be an answering service. All too often, however, most of the people who have taken my calls…