Catalin Cimpanu reports that some lessons that could have been learned years ago — and should have been — are still unlearned by too many. In a report published earlier this month, security researchers from the Shadowserver Foundation, a non-profit organization focused on improving cyber-security practices across the world, have published a warning about companies…
Category: Exposure
Deloitte Consulting sued in two states over unemployment portal data security issues
Last month we started seeing reports of data leaks or breaches involving state unemployment benefits application portals. We also started seeing reports of lawsuits filed as a result. Ben Szalinski reports that in Illinois, one of the nearly 32,500 applicants who had private information exposed said it was used to access her bank account. Briana…
Just Eat customers’ details dumped in Cleveleys alley as data watchdog warns of GDPR breach
Rebecca Beardmore reports: Dozens of takeaway receipts showing customers’ personal addresses were dumped in a Cleveleys alleyway, sparking an investigation. The Just Eat tickets, which showed full names and addresses, were fly-tipped in the Beach Road alley. It sparked concern from local councillors and the Information Commissioner’s Office (ICO), which said it was a breach…
Oracle’s BlueKai tracks you across the web. That data spilled online
Zack Whittaker reports on a leak by Oracle’s BlueKai that exposed tons of consumer data. Oracle’s not saying what companies are to blame for the leak, but the leak was described as involving “billions of records.” TechCrunch reviewed the data and found names, home addresses, email addresses and other identifiable data in the database. The…
KIPP: SoCal notifies parents after learning of GitHub breach
KIPP SoCal is notifying parents of a breach after a vendor alerted them to it. In their notification, they explain: On June 2, 2020, KIPP SoCal was notified of an issue involving unauthorized access to a data file containing certain students’ information. The issue was found when a vendor that we contract with discovered that…
845GB of racy dating app records exposed to entire internet via leaky AWS buckets
Robbie Harb reports: Hundreds of thousands of sensitive dating app profiles – including images of “a graphic, sexual nature” – were exposed online for anyone stumbling across them to download. Word of the uncontrolled emission burst forth from vpnMentor this week, which claims it found a misconfigured AWS S3 bucket containing 845GB of private dating app records….