Leon writes: In March 2019, I found an unsecured Elasticsearch database which contains more than 4 billion records. The database was sensitive as it contains a lot of PII details as well as Geo-Coordinates of the vehicles meaning the location of the transportation vehicle is tracked and seems to be of an unknown company which…
Category: Exposure
A misconfigured AWS bucket exposed personal and counseling logs of almost 300,000 Indian employees
On July 17, this site reported on a leak by a vendor, Medico, Inc., that exposed 300,000 patients’ insurance billing-related records. Today, we report on another leak – this one by another vendor – that also exposed about 300,000 records. As part of their benefits offerings, companies often offer services to their employees to help…
Honda Motor Company leaks database with 134 million rows of employee computer data
Justin reports: I was searching Shodan yet again when I discovered an ElasticSearch database without any authentication. The data contained within this database was related to the internal network and computers of Honda Motor Company. The information available in the database appeared to be something like a inventory of all Honda internal machines. This included…
Poor children’s details leaked due to Glasgow City council ‘procedural error’
Hannah Rodger reports: Low income families who applied for help to buy school uniforms have had their children’s details and personal information leaked by a local authority. More than 30 people who applied to Glasgow City council for it’s school clothing grant have had their full applications sent to third parties. Children’s’ names, which school…
Protest data breaches threaten HK’s hub ambitions
The Macau Daily Times reports: Hong Kong’s ambitions to be an international data-center hub are a potential casualty of the city’s mass protests. […] Last month, dozens of protesters were arrested after being treated in the emergency ward of a public hospital following battles with riot police. The city’s Hospital Authority subsequently denied leaking patient…
Ca: ‘We feel terrible’: Vancouver tour company apologizes as privacy commissioner looks into breach
Penny Daflos reports: A tour company that organizes school field trips for B.C. students is apologizing for dumping personal information in the recycling bin of a sorting room where hundreds of Yaletown residents and others had access. Peter Meiszner, who lives in the residential area of the mixed-use building on Cambie Street, was stunned to…