UpGuard reports: UpGuard can now disclose that a code repository including exposed access credentials for Campaign Sidekick, a current voter contact, survey, and canvassing app used by Republican campaigns, has been secured. The code repository was within a “.git” directory which was configured for public access and hosted on Campaign Sidekick’s primary website. The directory contained…
Category: Exposure
First-Ever CCPA Cause of Action Filed in a Federal Court, but Is This Class Claim Short-Lived?
Cynthia J. Larose and Natalie Prescott of Mintz discuss a lawsuit previously noted on this site: Fuentes v. Sunshine Behavioral Health Group, LLC. The lawsuit followed a data leak of PHI due to a misconfiguration of a database. The leak was first reported by DataBreaches.net who had alerted the entity to their leak. I’m going…
Ca: Toronto residents’ data improperly shared with councillor’s office in privacy breach
David Rider reports: More than 7,000 Torontonians are being told their personal information was improperly disclosed to a city councillors’ office, the Star has learned. In a March 17 letter to 7,227 people in a program for senior citizens and disabled people who receive free sidewalk snow clearing, Vincent Sferrazza, a city transportation director, tells…
Report: unidentified database exposes 200 million Americans
The CyberNews research team reports: The CyberNews research team uncovered an unsecured database owned by an unidentified party, comprising 800 gigabytes of personal user information.The database in question was left on a publicly accessible server and contained more than 200 million detailed user records, putting an astonishing number of people at risk. On March 3, 2020, the…
India’s Vijay Sales Leaks Private Information through Exposed Amazon Backup Server
Risk Based Security notes: On March 2nd, 2020, a notorious threat actor posted a leaked Vijay Sales database on a popular dark web hacker forum. Vijay Sales is a large electronics retail store chain in India, with nearly two hundred thousand users affected in the leak. The threat actor claimed the source was from an…
UK: Nursing home probed after residents’ personal details are found in the street
John Pring reports: A nursing home is facing an investigation into a “very serious” breach of data protection laws, after detailed personal information about its 36 disabled residents was apparently found in the street. The four-page document contains the names of all 36 residents of Manor Hall, in Eastbourne, as well as their health conditions,…