DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Category: Exposure

Fashion rental company HURR Collective exposed user information through misconfigured plugin

Posted on December 20, 2019 by Dissent

James Walker reports: HURR Collective, a UK-based fashion rental company, has notified around 400 users of a data security incident that resulted in their email addresses being exposed, The Daily Swig has learned. A misconfigured plugin on the HURR website meant that users’ email addresses could be obtained simply by clicking ‘View Source’ on certain web pages….

Read more

Over 267 million Facebook users had their names, phone numbers, and profiles exposed thanks to a public database, researcher says

Posted on December 20, 2019 by Dissent

Kevin Webb reports: Cybersecurity researchers said on Thursday that more than 267 million Facebook users had their personal data exposed in an online database that collected their names, Facebook IDs, and phone numbers. The database was available online without a password to anyone who accessed it for about two weeks, according to Comparitech, a tech website,…

Read more

UK: Information Commissioner’s Office takes enforcement action against pharmacy

Posted on December 20, 2019 by Dissent

From the ICO: The Information Commissioner’s Office (ICO) has fined a London-based pharmacy £275,000 for failing to ensure the security of special category data. Doorstep Dispensaree Ltd, which supplies medicines to customers and care homes, left approximately 500,000 documents in unlocked containers at the back of its premises in Edgware. The documents included names, addresses,…

Read more

SonyLIV Fixes leaky Elasticsearch in record time

Posted on December 19, 2019 by Lee J

Once again, a service owned and control by a division of official Sony Entertainment has slipped up. This time, their error exposed a elasticsearch server leaking log entries that feed into a third-party tool. Sony is no stranger when it comes to reports of poor infosecurity and hacking incidents, but it is not often we…

Read more

China Citizen Watch (Finally) Secures 150TB of Leaking Data

Posted on December 19, 2019 by Lee J

China Citizen Watch, the official Chinese division of the Japanese watch giant Citizen, and Bulova Watch Company (a Citizen brand in the U.S.)  have both been affected because China Citizen Watch or its hosting company left an unsecured RSYNC server online with more than 150TB of files. Cursory skimming of the files, necessitated by Citizen…

Read more

CMS Blue Button API Coding Error Potentially Exposes Health Data

Posted on December 18, 2019 by Dissent

Jessica Davis reports: December 18, 2019 – The Centers for Medicare and Medicaid Services has taken its Blue Button 2.0 API offline, as it investigates a coding error that potentially exposed the protected health information of about 10,000 beneficiaries. The BB2.0 platform is used by Medicare beneficiaries to authorize third-party applications to access their Medicare claims data. The system…

Read more
  • Previous
  • 1
  • …
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • …
  • 695
  • Next

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Kentfield Hospital victim of cyberattack by World Leaks, patient data involved
  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen
  • Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present)
  • Nigerian National Pleads Guilty to International Fraud Scheme that Defrauded Elderly U.S. Victims
  • Nova Scotia Power Data Breach Exposed Information of 280,000 Customers
  • No need to hack when it’s leaking: Brandt Kettwick Defense edition
  • SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched
  • Louis Vuitton Korea suffers cyberattack as customer data leaked
  • Hunters International to provide free decryptors for all victims as they shut down (2)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t
  • Oregon Amends Its Comprehensive Privacy Statute

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.