RiskBased Security reports that although it notified CabCharge of a misconfigured database leaking customer information and CabCharge seems to have taken steps to secure the data, CabCharge has neither acknowledged the notification nor notified customers: …. Our lead researcher quickly contacted CabCharge.com.au to alert them to the issue. After a few hours of checking on the status of…
Category: Business Sector
Talentbuddy.co / Talentguide.co Database Exposed, Company Reacts Swiftly
Another day, another misconfigured MongoDB database installation. This one, uncovered by RiskBased Security, involved Udemy‘s Talentbuddy.co. RBS writes: In total, there have been 38,791 users accounts from the talentbuddy.co website and a further 22,761 users from the Talentguide.co website exposed, with usernames, email addresses, passwords, Linkedin profile information, and other site-related information such as registration dates,…
Nulled.io crime forum breach could cause a world of pain for members
Dan Goodin reports: A website that openly facilitated the brokering of compromised passwords, stolen bitcoins, and other sensitive data has been hacked, exposing login data, IP addresses, e-mail addresses, purchase histories, and private messages for some 500,000 members. Nulled.io, a hacker forum that used the tagline “expect the unexpected,” was compromised earlier this month in…
Nostalgic for a backup drive breach? Here it is…
The days of backup drives with unencrypted information being stolen from unattended vehicles is not totally a thing of the past. On April 26, New Hampshire Distributors, LLC notified the state attorney general’s office that a stolen backup drive contained information on 924 New Hampshire residents. The total number of individuals affected was not disclosed. It’s…
Double whammy: Avention investigating two data breaches involving employee info
Massachusetts-based Avention, formerly known as OneSource Solutions, is investigating two recent data breaches that may, or may not, be the work of the same criminal(s). In a letter to the New Hampshire Attorney General’s Office, their external counsel provides a chronology of events, beginning with reports by some employees on April 19 that their tax returns had been rejected because…
Besa Mafia: Hitman For Hire Site Hacked, Data Dumped
RiskBased Security writes: News reports of websites being hacked and data being leaked has become an all too common occurrence. Most of the press focuses on popular or well known sites, rarely touching on leaks from sites that reside in the recesses of the “deep web” or “dark web”, accessible only by means such as…