Zack Whittaker reports: Rela (热拉), a popular dating app for gay and queer women, has exposed millions of user profiles and private data because a server wasn’t protected with a password. Rela disappeared from app stores in May 2017 after it was reportedly shut down by Chinese regulators, though the government never confirmed it took…
Category: Exposure
Voya Financial Advisors exposes more sensitive adviser information on its website
Less than six months after Voya made headlines by agreeing to pay $1 million to settle SEC charges stemming from a 2016 breach, they have been back in the news after two incidents — one embarrassing and one concerning. Bruce Kelly reports: Weeks after a computer glitch risked exposing the Social Security numbers of its…
Hosting Provider Finally Takes Down Spyware Leak of Thousands of Photos and Phone Calls
Lorenzo Franceschi-Bicchierai has an update on a recent story: A company that sells cellphone spyware to consumers left 95,000 images and more than 25,000 audio recordings on a server accessible to anyone on the internet for weeks. The sensitive data was so easy to access, that Motherboard couldn’t even name the spyware company in its…
Butler County employee suspended after emailing spreadsheet with personal information
Denise G. Callahan reports: The Butler County commissioners approved a two-day, unpaid suspension for an employee who inadvertently sent out an email with wellness information regarding the county’s health insurance, which might have violated HIPAA laws. Shawna Smith, the county’s wellness coordinator, sent out an email in September with a spreadsheet that included hidden columns…
Kanopy privacy breach reveals which movies members have been streaming
On March 22, Simon Cohen reported: Free movie streaming site Kanopy has suffered a significant data leak, according to security researcher Justin Paine. Due to an unprotected web log database, which could be publicly accessed without authentication of any kind, Paine believes that the company has been leaking “roughly 26-40 million log lines per day beginning…
A family tracking app was leaking real-time location data
Zack Whittaker reports: A popular family tracking app was leaking the real-time locations of more than 238,000 users for weeks after the developer left a server exposed without a password. The app, Family Locator, built by Australia-based software house React Apps, allows families to track each other in real-time, such as spouses or parents wanting…