Zack Whittaker reports on a 4.1 terabyte leak found by a researcher using the handle “Timeless:” Rallyhood boasts users from Girl Scout and Boy Scout troops, and Komen, Habitat for Humanities, and YMCA factions. The company also hosts thousands of smaller groups, like local bands, sports teams, art clubs, and organizing committees. Many flocked to…
Category: Exposure
Personal health information of nearly 2,900 Queen’s patients sent to wrong email address
The Star Advertiser reports: An employee sent an email containing personal health information for 2,852 patients of The Queen’s Medical Center and Queen’s North Hawaii Community Hospital to the wrong address on Feb. 3, Queen’s officials announced today. No Social Security numbers or financial account information was included, so patients’ financial security is not at…
Celeb Shout-Out App Cameo Exposes Private Videos and User Data
Joseph Cox reports: Cameo, the increasingly popular app for paying celebrities to record short personal videos, exposed a wealth of user data including email addresses, hashed and salted passwords and phone numbers, and messages via a misconfiguration in its app. The site also has an issue where videos that are supposed to be private are…
Household Names: How Tetrad Exposed Data on 120 Million Consumers
From UpGuard: The UpGuard Research team can now disclose that a collection of data sets detailing the purchasing habits and consumer behavior profiles of virtually every American household has been secured. The publicly exposed data comes from market analysis company Tetrad but includes data blended from many sources, including Experian Mosaic, Claritas/Nielsen’s PRIZM, and what…
A ‘stalkerware’ app leaked phone data from thousands of victims
Zack Whittaker reports: A spyware app designed to “monitor everything” on a victim’s phone has been secretly installed on thousands of phones. The app, KidsGuard, claims it can “access all the information” on a target device, including its real-time location, text messages, browser history, access to its photos, videos and app activities, and recordings of phone…
University of Washington Medicine patients file class action lawsuit over December 2018 leak
Amy Clancy has an update on a University of Washington Medicine breach that was disclosed in February 2019. The breach was a human error incident that resulted in more than 970,000 patients having their information exposed online for several weeks. Clancy reports that the breach has now led to a class-action lawsuit that could eventually…