Dave Lee reports: An online service recommended by most of the UK’s police forces has fixed a privacy flaw after being alerted by a security expert. Immobilise allows members of the public to add records to the National Property Register, detailing valuables in their homes. But security consultant Paul Moore discovered a flaw that made it…
Category: Exposure
Three million Moonpig accounts exposed by flaw
Darren Pauli reports: Custom mugs and tat outfit Moonpig has a signficant flaw that exposes personal records and partial credit card details for some three million customer (sic), almost 18 months after it was reported. The failure, discovered and privately reported by developer Paul Price, meant every account and the names, birth dates, and email and street…
Out of site, but not off the dark web
According to Belsec Blog, Rex Mundi republished “thousands of Belgian data” on Tor. While a few of the hacks the blog refers to have been previously mentioned on DataBreaches.net, some of them are news to me:
Tallahassee Police Release Reporter’s Personal Info In Massive Records Request
Ashley Lopez reports: The Tallahassee Police Department recently released hundreds of police reports involving Florida State University athletes—as well as the personal information of the reporter who requested the records. On Christmas Eve, according to Poynter, the non-profit journalism education center, TPD publicly released ESPN reporter Paula Lavigne’s original request – which included her cell phone…
#Anonymous dumps 13,000 passwords (updated)
Updates: See this post and this article for debunking that these are new leaks. Julie Bort reports: The hacker group known as Anonymous released a file on Friday containing about 13,000 passwords, it claims. […] But these accounts come from a variety of online sources, the Anonymous claims, some of them really popular. DailyDot’s Aaron Sankin sifted…
Leak of online ticketing data sparks off panic in China
ZeeNews reports: Beijing: A leak of personal information from online train ticket sales ahead of the busiest travel season of the year has spurred public outcry in China over internet vulnerability. The leaked information includes usernames, passwords, emails and a trove of personal data used for buying tickets on the official ticket-selling website of China Railway Corporation (CRC). CRC…