Exposure – Page 155 – DataBreaches.Net

Billions of Records Including Passwords Leaked by Smart Home Vendor (Updated)

Posted on July 2, 2019 by Dissent

Sergiu Gatlan reports: A publicly accessible ElasticSearch cluster owned by Orvibo, a Chinese smart home solutions provider, leaked more than two billion user logs containing sensitive data of customers from countries all over the world. Orvibo provides its clients with smart solutions designed to help them manage houses, offices, and hotel rooms via smart systems…

Jack’d To Pay $240K For Private Photos Leak

Posted on June 29, 2019 by Dissent

Devin Randall reports: Jack’d is paying out money make up for its picture leak. Earlier this year, we shared with you how a single tech expert Oliver Hough discovered that there was a large hole in Jack’d’s code. It turns out, the company did not properly secure photos and data uploaded using Amazon Web Services…

AWS S3 server leaks data from Fortune 100 companies: Ford, Netflix, TD Bank

Posted on June 28, 2019 by Dissent

Catalin Cimpanu reports: Attunity, an Israeli IT firm that provides data management, warehousing, and replication services for the world’s biggest companies, has exposed some of its customers’ data after it left three Amazon S3 buckets exposed on the internet without a password. The leaky AWS S3 buckets contained information on Attunity’s own operations, but also…

5 million personal records belonging to MedicareSupplement.com exposed to public

Posted on June 28, 2019 by Dissent

Paul Bischoff writes: An online database of more than 5 million records apparently belonging to MedicareSupplement.com was left open and accessible to the public. On May 13, 2019, Comparitech worked alongside security researcher Bob Diachenko to uncover the publicly available MongoDB instance that appears to be part of the website’s marketing leads database. MedicareSupplement.com is…

WeTransfer Security Incident Sent Files to the Wrong People

Posted on June 22, 2019 by Dissent

Lawrence Abrams reports: In an embarrassing security incident, the WeTransfer file sharing service announced that for two days it was sending it’s users shared files to the wrong people. As this service is used to transfer what are considered private, and potentially sensitive files, this could be a big privacy issue for affected users. Starting…

Insurance company AIA fined $10,000 by PDPC for personal data breach

Posted on June 21, 2019 by Dissent

Lester Wong reports from Singapore: Insurance company AIA was fined $10,000 by the Personal Data Protection Commission (PDPC) for mistakenly sending 245 letters meant for various customers to just two people due to a programming error in its software system that auto-generates the letters. The bulk of the letters (237) were premium notice letters for…