Zack Whittaker reports: A security lapse at JCrush, a dating app designed for the Jewish community, left a database open without a password, exposing sensitive user records and private messages to anyone who knew where to look. The site’s backend database had around 200,000 user records, according to security researchers Noam Rotem and Ran Locar,…
Category: Exposure
The University of Chicago Medicine Exposed ‘Perspective Givers’ Database With More Than A Million of Records
Another Elasticsearch misconfiguration found by SecurityDiscovery. You can read about it here.
Report: Theta360 Leak Potentially Exposed Millions of Users’ Public and Private Photographs
VPNMentor reports that their research team has discovered that Theta360 inadvertently left users’ photos — even those intended to be private — exposed. The leak exposed at least 11 million public and private photographs. The data breach exposed thousands of users’ photos, many of whom chose to keep their images private. The breach did not expose…
First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records
Brian Krebs reports: The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. [NYSE:FAF] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security…
Amadeus Traveler Data Exposed in a Thwarted Data Leak
Sean O’Neill reports: A computer expert discovered a vulnerability in one of the systems used by travel distribution company Amadeus, which said it had fixed the issue and that none of the data was misused. Alp, an Israel-based travel subsidiary, is an online service used by Israeli travel agents and governmental travel agency Inbal to…
Ca: Some Brampton Residents Affected by Serious Privacy Breach
Rajpreet Sahota reports: Some Brampton residents have had their private information leaked in the wake of a privacy breach, the Region of Peel says. The Region of Peel announced that there was a breach of personal information on June 8, 2018. On March 13, the personal information of approximately 13,000 individuals on a wait list for Regional services…