Paul Kane writes: Hacker-activists Noam Rotem and Ran L from Safety Detective’s research lab recently revealed a significant security breach in the Tommy Hilfiger Japan client database – leaving the private and personal details of hundreds of thousands of customers up for grabs. Nearly 1 Million Website Visits Tommy Hilfiger’s Japanese website, which received nearly…
Category: Exposure
UK: Government in email privacy gaffe
BBC reports: A government department responsible for data protection laws has shared the contact details of hundreds of journalists. The Department for Digital, Culture, Media and Sport emailed more than 300 recipients in a way that allowed their addresses to be seen by other people. The email – seen by the BBC – contained a…
Job recruitment site Ladders exposed 13 million user profiles
Zack Whittaker reports: Ladders, one of the most popular job recruitment sites in the U.S. specializing in high-end jobs, has exposed more than 13.7 million user records, following a security lapse. The New York-based company left an Amazon -hosted Elasticsearch database exposed without a password, allowing anyone to access the data. Sanyam Jain, a security…
SkyMed Medical Evacuation Membership Service Exposed Data of 137k Members
Jeremiah Fowler reports on another unsecured elasticsearch database that his firm has found: On March 27th I discovered an unsecured Elasticsearch database that contained what appeared to be members of a medical evacuation membership service. Upon further inspection of the data there were many references that the data allegedly belonged to Florida based SkyMed. It…
In the process of notifying patients of a web exposure breach, Inmediata experiences a mail exposure breach?!
Reading the comments under the Inmediata press release is like watching a train wreck happen right in front of you. Many people are reporting that they have received multiple notification letters from Inmediata — many with the names of people who are unknown to them and who do not live at their address. One person…
VA: Arlington Public Schools Informs Parents of Limited Data Breach
ARLNow reports: An “error” in the data inputted to the college readiness system used by Arlington Public Schools may have exposed the name, address, grade point average and college entrance exam scores of nearly two dozen students to an unrelated parent. Superintendent Patrick Murphy was sending a message, below, to all secondary (grades 6-12) families Friday morning informing…