Joseph Cox reports the follow-up to a breach that I covered on PogoWasRight.org. The breach involved a Danish grad student dumping OkCupid users’ personal and sensitive info in a data set for “research” purposes, claiming it was “public” data. They had neither sought nor obtained consent to scrape the user database, and although they did not include…
Category: Exposure
Pacific Gas and Electric database exposed; Company claims data “fake”
MacKeeper Security Researcher Chris Vickery has reported on yet another misconfigured database. This one belongs to PG& E in California. Whether the database contains real data or not is something the Department of Homeland Security should investigate, as the company tells Chris the data are “fake,” and Chris does not believe them, partly because entities…
ZA: MTN exposing subscribers’ personal details online
When accessing their bills online, MTN clients are being shown the bills of other subscribers. This is according to a subscriber who told MyBroadband he was able to see thousands of bills that weren’t his own. He logged in as normal on MTN’s e-billing site, received a one-time PIN, and accessed the client portal – which…
Oops: Ohio agency failed to redact personal info in public records request
Shaun Hegarty reports: The 13abc I-Team has uncovered a major personal information release by the State of Ohio. Drivers’ licenses, social security numbers, even birth certificates without personal information blocked out was all released by the Department of Agriculture. People looking into the seizure of animals from Tiger Ridge Exotics got far more than they…
Pakistan’ Real Estate Giant Zameen.com Hacked, Entire Database Leaked
Waqas writes: A Bangladeshi hacker going with the handle of Tiger Mate has hacked and defaced one of Pakistan’s largest real estate websites Zameen.com. That’s not all, the hacker has also leaked the site’s entire database online for public access. The hacker left a deface with a note stating ”hacked by Tiger Mate,” his Twitter…
NSW TrainLink: Some credit card info at risk after website security breach
The NSW Opposition has called on the state’s Transport Minister to reveal how many customers have been affected by a security breach of TrainLink’s online booking systems. Transport for NSW said it was investigating a “compromise” of the TrainLink website’s reservations system, which has since been shut down. TrainLink provides intercity, regional, and interstate train…