It seems that every week I hear from researchers who find patient data or medical data exposed. And I know some of them spend inordinate amounts of time trying to contact entities to get them to secure their unsecured sensitive data. Some of these researchers do this for no pay and no expectation or hope…
Category: Exposure
Mercedes-Benz app glitch exposed car owners’ information to other users
Zack Whittaker reports: Mercedes-Benz car owners have said that the app they used to remotely locate, unlock and start their cars was displaying other people’s account and vehicle information. TechCrunch spoke to two customers who said the Mercedes-Benz’ connected car app was pulling in information from other accounts and not their own, allowing them to…
Recruitment Sites Exposes 250,000 Resumes Online
CISO Mag reports: Around 250,000 American and British-based job seekers’ personal information has been exposed after two recruiting sites misconfigured their databases. The exposed information included candidates’ names, addresses, contact information, and work experience. The data leak occurred when recruitment sites Authentic Jobs and Sonic Jobs failed to set their cloud storage as private. Read…
CA: Lucia Mar employees at risk after data breach
Kasey Bubnash reports: Administrators and tech staff at Lucia Mar Unified School District are cleaning up after confidential employee information was accidentally shared in an email that was sent out to some district staff. At about 1:43 p.m. on Oct. 9, an email regarding open enrollment insurance—and including a file containing sensitive employee information—was sent to…
Two cashback sites leaked data of 3.5 million users
Al Restar writes: Two popular cashback services have leaked nearly two terabytes worth of personally identifiable information (PII) and account data in an unprotected Elastic database. The two cashback websites have been operating mostly in the United Kingdom and India. Cybersecurity experts from the Security Detectives (sic) Research team discovered an unprotected Elasticsearch database containing at…
Report: MCMC ends contract with company after massive 2017 phone data leak
Azril Annuar reports: The Malaysian Communications and Multimedia Commission (MCMC) has terminated the services of a firm hired back in 2017 to protect the personal data of mobile phone users. Thus comes after the personal data of the users, including details such as MyKad numbers were reportedly leaked by the same company. Online portal Malaysiakini reported that…