Rebecca Beardmore reports: Dozens of takeaway receipts showing customers’ personal addresses were dumped in a Cleveleys alleyway, sparking an investigation. The Just Eat tickets, which showed full names and addresses, were fly-tipped in the Beach Road alley. It sparked concern from local councillors and the Information Commissioner’s Office (ICO), which said it was a breach…
Category: Exposure
Oracle’s BlueKai tracks you across the web. That data spilled online
Zack Whittaker reports on a leak by Oracle’s BlueKai that exposed tons of consumer data. Oracle’s not saying what companies are to blame for the leak, but the leak was described as involving “billions of records.” TechCrunch reviewed the data and found names, home addresses, email addresses and other identifiable data in the database. The…
KIPP: SoCal notifies parents after learning of GitHub breach
KIPP SoCal is notifying parents of a breach after a vendor alerted them to it. In their notification, they explain: On June 2, 2020, KIPP SoCal was notified of an issue involving unauthorized access to a data file containing certain students’ information. The issue was found when a vendor that we contract with discovered that…
845GB of racy dating app records exposed to entire internet via leaky AWS buckets
Robbie Harb reports: Hundreds of thousands of sensitive dating app profiles – including images of “a graphic, sexual nature” – were exposed online for anyone stumbling across them to download. Word of the uncontrolled emission burst forth from vpnMentor this week, which claims it found a misconfigured AWS S3 bucket containing 845GB of private dating app records….
Lessons learned from the ANPR data leak that shook Britain
Ax Sharma reports: On April 28, 2020, The Register reported the massive Automatic Number-Plate Recognition (ANPR) system used by the Sheffield government authorities was leaking some 8.6 million driver records. An online ANPR dashboard responsible for managing the cameras, tracking license plate numbers and viewing vehicle images was left exposed on the internet, without any password or…
12,000+ Indian blood donors’ PII and passwords leaked
CloudSEK reports: CloudSEK has discovered a data leak that contains sensitive information of 12,472 blood donors registered on http://www.indianblooddonors.com/index.php. Indian Blood Donors is an organization that maintains a free database of blood donors. They also have an app, which matches recipients with the nearest donor, based on blood type. Discovery of the leak A CloudSEK researcher discovered…