Reuters reports: A U.S. citizen who leaked the names of more than 14,000 HIV-positive people in Singapore has been found guilty by a U.S. court of illegally transferring personal data and threatening the Singapore government, court filings show. Read more on Reuters.
Category: Exposure
Massive Security Flaw Detected on Baltimore County Schools’ Digital Platform, Exposing Highly Sensitive Information on Students and Staff Members
Ann Costantino reports: A massive security flaw has been detected that allowed unrestricted access to highly sensitive records pertaining to students, staff and internal school system data on a Baltimore County Public Schools (BCPS) public facing website. The system’s BCPS One/Schoology platform, where students are able to access classes, grades and academic resources online, is…
Jewish dating app JCrush exposed user data and private messages
Zack Whittaker reports: A security lapse at JCrush, a dating app designed for the Jewish community, left a database open without a password, exposing sensitive user records and private messages to anyone who knew where to look. The site’s backend database had around 200,000 user records, according to security researchers Noam Rotem and Ran Locar,…
The University of Chicago Medicine Exposed ‘Perspective Givers’ Database With More Than A Million of Records
Another Elasticsearch misconfiguration found by SecurityDiscovery. You can read about it here.
Report: Theta360 Leak Potentially Exposed Millions of Users’ Public and Private Photographs
VPNMentor reports that their research team has discovered that Theta360 inadvertently left users’ photos — even those intended to be private — exposed. The leak exposed at least 11 million public and private photographs. The data breach exposed thousands of users’ photos, many of whom chose to keep their images private. The breach did not expose…
First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records
Brian Krebs reports: The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. [NYSE:FAF] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security…