Bob Diachenko recently reported on yet another massive data exposure: On November 12th, when auditing the search results for open/exposed Elasticsearch databases with Binaryedge.ioplatform, we have found what appeared to be a collection of personal records compiled by FIESP, the Federation of Industries of the State of São Paulo. FIESP is the largest class entity…
Category: Business Sector
PageUp investigation found no evidence of data theft, company says
Rohan Pearce has an update to a breach that was first disclosed in June, 2018: HR software company PageUp says that a forensic expert it engaged to examine its systems has found “no specific evidence” that data was stolen during a security breach earlier this year. Read more on Computerworld.
Another ‘decision makers’ database leaked
Depressingly, Bob Diachenko of Hackenproof writes: These days it’s quite easy for an ordinary person to get the contact details of any business or organization for a certain fee or subscription. However, should seemingly non-sensitive data be so easily available? 123GB of personal data exposed On November 5th, we discovered an open and unprotected MongoDB…
German flirting network gets fined 20,000€ for leaking user information
Nicole Lorenz reports Knuddels.de is a German flirting / chatting / social media channel. The network was hacked back in September and around 808,000 email addresses as well as 1,872,000 pseudonyms and passwords were leaked as a result. Now a couple of months later a German court decided that the company would have to pay…
Hackers Hit Adult Furry Website, Exposing Hundreds of Thousands of Users
Melanie Ehrenkranz reports: The website for an adult furry game was hacked, with 411,000 unique email addresses and other personal information leaked, according to Have I Been Pwned’s Troy Hunt. The website hosted High Tail Hall, an interactive puzzle game “where you can have erotic encounters with the surrounding characters.” The data breach reportedly happened…
USPS Site Exposed Data on 60 Million Users
Brian Krebs reports: U.S. Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf. KrebsOnSecurity was contacted last week by a researcher who discovered the problem, but who asked…