Shaun Nichols reports: The massive amounts of exposed data on misconfigured AWS S3 storage buckets is a catastrophic network breach just waiting to happen, say experts. The team at Truffle Security says its automated search tools were able to stumble across some 4,000 open Amazon S3 buckets that included data companies would not want public, things like…
Category: Exposure
Morgan Stanley Hit with Class Lawsuit Over Alleged Data Breaches
Jed Horowitz reports: Former and current Morgan Stanley customers have filed a putative class-action lawsuit alleging negligence and invasion of privacy over the firm’s failure to properly scrub decommissioned hardware of personal information such as social security numbers, account numbers and other personal data. Morgan Stanley earlier this month began notifying brokers and customers that some…
NZ: Kiwibank breach ‘significant’ – Privacy Commissioner
Kiwibank is investigating how it sent 4200 customers an email or online bank statement with their own account number, name and address, but another person’s transaction history. The commissioner, John Edwards, said some people will be identifiable by the statements and information sent. Read more on RNZ.
In: #GTUDataLeak: GTU students complain of massive data leak after mock test
Nidhi Taneja reports: The students of Gujarat Technological University have complained of massive data leaks during online pre-check trial/mock tests. The test was conducted by the university on July 28. Students allege that their personal details including ID proofs were leaked on the university’s website. Read more on IndiaTV.
Vermont Tax Department exposed 3 years worth of tax return info
Sergiu Gatlan reports: The Vermont Department of Taxes today disclosed that taxpayers’ private information was exposed because of a security issue affecting its online filing site discovered on July 2, 2020. The data breach affected all Vermonters who electronically filed Property Transfer Tax returns using the tax department’s site between February 2017 and July 2020….
White House Tells EPIC to Delete COVID-19 Records, EPIC Declines
I usually post items from EPIC.org over on PogoWasRight.org, but this one gets posted as a government breach on this site, too. In an unusual development, the White House directed EPIC this week to delete a set of records that EPIC recently obtained from the Office of Science & Technology Policy—a request which EPIC declined….