Zhaki Abdullah reports: Bicycle-sharing operator oBike is reviewing the security of its app, following a leak that affected its users’ data in 14 countries worldwide. German broadcaster Bayerischer Rundfunk reported last week that unencrypted oBike user data – names and ride locations, for example – were accessible online. A spokesman for the Singapore-based firm said…
Category: Exposure
Ashley Madison takes your privacy very seriously…. until they don’t…
Thomas Fox-Brewster reports: Despite the catastrophic 2015 hack that hit the dating site for adulterous folk, people still use Ashley Madison to hook up with others looking for some extramarital action. For those who’ve stuck around, or joined after the breach, decent cybersecurity is a must. Except, according to security researchers, the site has left photos of…
Private data on Gloucestershire hospital patients transferred to America by mistake
Matt Discombe reports: Private patient data held by Gloucestershire hospitals was mistakenly uploaded to a server in the USA due to problems with its new electronic record system. Information on 56 patients held by Gloucestershire Hospitals NHS Foundation Trust had been erroneously copied onto the server in October. The records, which included ‘identifiable sensitive data’…
Real Time Health Quotes leak affected health insurance applicants
So it appears I missed a third-party vendor/business associate leak that affected at least two covered entities and possibly more. Great thanks to Humana for sending along the vendor’s press release when I inquired about a breach report Humana had made to HHS as affecting 5,764 members or potential members. It turns out that the…
July Systems data leak: Massive trove of sensitive information exposed online via unsecured database
India Ashok reports: A massive trove of sensitive data was left freely exposed online by San Francisco-based July Systems. The company’s cloud-based location intelligence and engagement platform called “Proximity MX”, which contains proprietary information belonging to the firm and its clients, were exposed via unsecured Amazon S3 databases. […] According to security researchers at Kromtech,…
A popular virtual keyboard app leaks 31 million users’ personal data
Zack Whittaker reports: Personal data belonging to over 31 million customers of a popular virtual keyboard app has leaked online, after the app’s developer failed to secure the database’s server. The server is owned by Eitan Fitusi, co-founder of AI.type, a customizable and personalizable on-screen keyboard, which boasts more than 40 million users across the…