From Amnesty USA: Serious security vulnerabilities in Qatar’s mandatory contact tracing app, uncovered by Amnesty International, must act as a wake-up call for governments rolling-out COVID-19 apps to ensure privacy safeguards are central to the technology. An investigation by Amnesty’s Security Lab discovered the critical weakness in the configuration of Qatar’s EHTERAZ contact tracing app….
Category: Exposure
Bank of America reveals data breach in PPP application process
Caroline Hudson reports: Bank of America Corp. (NYSE: BAC) has revealed a possible data breach on business clients’ information for the Paycheck Protection Program. The breach occurred on April 22, as BofA uploaded PPP applications onto the U.S. Small Business Administration’s test platform, according to a filing with the California Attorney General’s Office. The limited-access…
Kentucky unemployment website experienced April data breach
Another state has reported a breach or leak involving a state portal for filing unemployment claims. Fox19 reports: Kentucky officials reported Thursday what Gov. Andy Beshear described as a “data breach” in the state’s unemployment insurance web portal. The so-called breach took place on April 23, according to a release from Kentucky’s Education and Workforce…
AU: Big Footy data breach exposed private details of up to 100,000 users
Fiona Wilan reports: A large data leak from an AFL fan website has exposed about 70 million records online, including private conversations between users, according to cyber security researchers. Aussie Rules forum Bigfooty.com has about 100,000 users – although it’s not known how many were affected. The site has now started to contact users to notify them…
Personal Details and IDs of Millions of Indian Families Exposed As A Result of Security Incident
Bob Diachenko writes: On May 23rd, another Elasticsearch misconfiguration incident has led to the exposure of the personal details and Aadhar number for millions of families registered under Mukhya Mantri Parivar Samridhi Yojana (MMPSY), which is one of the largest social security programme in India rolled out in the state of Haryana. According to Bob, the server…
TH: National Broadcasting and Telecommunications Commission warns Advanced Wireless Network on data breach
The Bangkok Post reports: The telecom regulator has handed an official warning letter to a subsidiary of Advanced Info Service (AIS), urging it to strictly ensure cybersecurity and data protection after the firm accidentally exposed its database of 8 billion internet records online without a password during a scheduled test earlier this month. The move…