Update: Post-publication, the Virtue Center web site was taken offline and has not returned as of December 23. An undated entry on another site lists Shakil Islam and Faizan Sattar as “former employers” of VC. At the time of publication, however, they were listed on VC’s web site as part of their team. Follow-up e-mail…
Category: Breach Incidents
Database leak exposes 3.3 million Hello Kitty fans (UPDATED)
Over on Salted Hash, Steve Ragan reports on yet another MongoDB Database leak uncovered by Chris Vickery. This one involves a database for sanriotown.com, the official online community for Hello Kitty and other Sanrio characters. As such, a lot of children’s information may be in the database. The records exposed include first and last names, birthday…
More federal hot water for Nomi after possible phone tracking database leak?
Regular readers of PogoWasRight.org may recall that Nomi Technology ran afoul of Section 5 of the FTC Act over statements in its privacy policy that it did not live up to. To settle charges by the FTC, they signed a consent order in April, 2015. But now they may be facing some more questions from the FTC, because researcher…
Two apps with health info found leaking: researcher. Part 2: Hzone
This is Part 2 of today’s posts reporting on apps leaking health information. The leaks were shared with DataBreaches.net by researcher Chris Vickery, and this one involves very sensitive health and medical information. Part 1 reported on iFit’s data leak. Screenshots provided to DataBreaches.net on December 8 by Vickery revealed that 4,926 user accounts from Hzone Dating App for HIV-positive…
Two apps with health info found leaking: researcher. Part 1: iFit
Apps that collect and store health-related information are often not covered by HIPAA, but a breach involving the data they collect could be problematic. Today, I report on two leaking apps containing health information. Both of these leaks were reported to DataBreaches.net by researcher Chris Vickery. Part 1, below, is on iFit’s data leak. Part 2 will report on…
Personal and sensitive data of 59,000 charter school students in California leaked: researcher
California Virtual Academies (CAVA) is a network of 11 publicly funded charter k-12 schools in California. Researcher Chris Vickery recently contacted DataBreaches.net after he found a database with 58,694 of their students’ records leaking. In addition to a lot of personal information on the students that was all in plain text, the leaking data included some information on student…