Leon writes: In March 2019, I found an unsecured Elasticsearch database which contains more than 4 billion records. The database was sensitive as it contains a lot of PII details as well as Geo-Coordinates of the vehicles meaning the location of the transportation vehicle is tracked and seems to be of an unknown company which…
Category: Business Sector
A misconfigured AWS bucket exposed personal and counseling logs of almost 300,000 Indian employees
On July 17, this site reported on a leak by a vendor, Medico, Inc., that exposed 300,000 patients’ insurance billing-related records. Today, we report on another leak – this one by another vendor – that also exposed about 300,000 records. As part of their benefits offerings, companies often offer services to their employees to help…
Pearson Hack Exposed Details on Thousands of U.S. Students
Parmy Olson reports that while Pearson may be trying to implant the idea that 13,000 students were affected by its recently disclosed breach, the number may actually be much, much higher. Allan Cunningham, the information-security officer for Washoe County School District in Nevada, said he learned from Pearson that the breach affected data of 114,000…
Never count your Equifax chicken$ before… well, you know
If you had a gleam in your eye thinking about how you might get $125 from Equifax as part of their settlement, guess again. The FTC announced today that so many people had already filed claims that Equifax wouldn’t have enough money to pay everyone, so …… the FTC says to take the free credit…
Honda Motor Company leaks database with 134 million rows of employee computer data
Justin reports: I was searching Shodan yet again when I discovered an ElasticSearch database without any authentication. The data contained within this database was related to the internal network and computers of Honda Motor Company. The information available in the database appeared to be something like a inventory of all Honda internal machines. This included…
Hellenic Data Protection Authority fines Price Waterhouse Coopers 150K for employees’ data breach
The Hellenic Data Protection Authority imposed a 150,000 euros fine on Price Waterhouse Coopers Business SA (PWC BS) for the illegal processing of personal data of its employees, was reported on Tuesday, as per the general regulation for data protection. Read more on amna.gr A copy of the full decision (in English) appears below: