Bob Diachenko reports: On April 18th, during our regular security audit of nonSql databases with BinaryEdge search engine, I have discovered an open and publicly available MongoDB instance which contained astonishingly sensitive information on Iranian drivers. Information was structured to include the following data fields: Driver first name and last name SSN (10-digits Iranian ID…
Category: Breach Incidents
Millstone man sentenced for hacking women’s accounts and then uploading their nude images
Vin Ebenau reports: A Monmouth County man will spend five years in prison for hacking into the private cloud based accounts of two women and then stealing lewd videos and images of them which he preceded to post on publicly accessible websites, announced New Jersey Attorney General Gurbir Grewal. Patrick S. Farrell, 37, of Clarksburg…
Hacktivists attack UK police sites to protest arrest of Julian Assange
Hacktivism is seeing a resurgence recently, in no small part fueled by the arrest of Julian Assange. #Op hashtags for the UK, Sweden, and Ecuador signal the intent of the attackers. #Anonymous #FreeAssange #OpEcuador #OpAssange #OpSweden #OpUK #OpUS @your_anon_net @LorianSynaro and @Pryzraky took #Offline UK Police website. Sweden its also our target! You will be…
Did ransomware claim a victim or did two doctors just make a poor decision?
An article by William Maruca of FoxRothschild is headlined, “Ransomware Claims A Victim.” It discusses the case of Brookside ENT, whose doctors decided to shutter their practice and retire a year early after a ransomware attack that encrypted their patient data, billing information, scheduling information, and even their backups. In other words, the attacker successfully…
Over 100 Million JustDial Users’ Personal Data Found Exposed On the Internet
Remember what I said earlier today about India being a data protection mess? Here’s another example. Mohit Kumar reports: An unprotected database belonging to JustDial, India’s largest local search service, is leaking personally identifiable information of its every customer in real-time who accessed the service via its website, mobile app, or even by calling on…
India: Rising Cybercrime Frontier
For the past year or more, I’ve been receiving numerous tips and notifications from trusted researchers about leaks and breaches involving entities in India. While some of the incidents involve alleged miscreants, other incidents involve human error or misconfiguration situations. But as many of us have experienced and reported, when it comes to data protection…