Yesterday, Graham Cluley wrote: UK Prime Minister Boris Johnson announced on Twitter this afternoon that he was chairing the first ever digital Cabinet, while he self-isolated himself at Downing Street after revealing he was suffering “mild symptoms” of Coronavirus. Johnson included in the tweet a screenshot of his desktop, showing there were 35 participants on the Zoom…
Category: Exposure
Campaign Gaffe: How a Voter Contact App Exposed Credentials and Code
UpGuard reports: UpGuard can now disclose that a code repository including exposed access credentials for Campaign Sidekick, a current voter contact, survey, and canvassing app used by Republican campaigns, has been secured. The code repository was within a “.git” directory which was configured for public access and hosted on Campaign Sidekick’s primary website. The directory contained…
First-Ever CCPA Cause of Action Filed in a Federal Court, but Is This Class Claim Short-Lived?
Cynthia J. Larose and Natalie Prescott of Mintz discuss a lawsuit previously noted on this site: Fuentes v. Sunshine Behavioral Health Group, LLC. The lawsuit followed a data leak of PHI due to a misconfiguration of a database. The leak was first reported by DataBreaches.net who had alerted the entity to their leak. I’m going…
Ca: Toronto residents’ data improperly shared with councillor’s office in privacy breach
David Rider reports: More than 7,000 Torontonians are being told their personal information was improperly disclosed to a city councillors’ office, the Star has learned. In a March 17 letter to 7,227 people in a program for senior citizens and disabled people who receive free sidewalk snow clearing, Vincent Sferrazza, a city transportation director, tells…
Report: unidentified database exposes 200 million Americans
The CyberNews research team reports: The CyberNews research team uncovered an unsecured database owned by an unidentified party, comprising 800 gigabytes of personal user information.The database in question was left on a publicly accessible server and contained more than 200 million detailed user records, putting an astonishing number of people at risk. On March 3, 2020, the…
India’s Vijay Sales Leaks Private Information through Exposed Amazon Backup Server
Risk Based Security notes: On March 2nd, 2020, a notorious threat actor posted a leaked Vijay Sales database on a popular dark web hacker forum. Vijay Sales is a large electronics retail store chain in India, with nearly two hundred thousand users affected in the leak. The threat actor claimed the source was from an…