Tom Spring writes: Box.com has changed the way it handles publicly shared accounts and folders after a researcher found confidential documents and data belonging to Box.com users via Google, Bing and other search engines. While Box.com maintains this is a case of its customers unintentionally over-sharing, it says it has “fixed” the issue. The problem…
Category: Exposure
MongoDB Databases Held Up for Ransom by Mysterious Attacker
Catalin Cimpanu reports: An attacker going by the name of Harak1r1 is hijacking unprotected MongoDB databases, stealing their content, and asking for a Bitcoin ransom to return the data. These attacks have been happening for more than a week and have hit servers all over the world. The first one to notice the attacks was…
Customer records from used car dealership found dumped in Detroit’s Brightmoor area
If you were a customer of Get Fresh Auto in Detroit, you may want to read a report by Randy Wimbley for Fox2. Contacted after a watchdog found customer information just dumped on a debris-littered street, the used car dealership’s owner’s responses to the reporter’s questions about how the papers wound up there reminded me of Sgt. Schultz in Hogan’s Heroes. “As soon…
US government subcontractor leaks confidential military personnel data
Charlie Osborne reports: A Pentagon subcontractor has exposed reams of highly sensitive details belonging to active military healthcare professionals online, some of which hold top-secret security clearances. Potomac Healthcare Solutions, a subcontractor brought on board to supply healthcare professionals to the US government and military organizations through its Washington, DC.-based contractor Booz Allen Hamilton, was…
Veterans say mail from VAC outs medical marijuana users
Andrea Gunn reports yet another incident where Canadian medical marijuana users have been outed by a mailing gaffe. Veterans across Canada are reporting a security breach involving mail sent out by Veterans Affairs Canada that lets anyone looking at the outside of the envelope know it was issued under the federal medical marijuana program. Veteran…
Hong Kong Airlines says sorry over passenger data leak
EJinsight reports: Hong Kong Airlines has issued a public apology after its Android mobile app reportedly leaked personal data of more than a hundred of its passengers, including their names, passport numbers and travel records. The airline immediately suspended access to the app and a feature where non-members can make enquiries, Ming Pao Daily reports….