Thanos Pappas reports: Many people worry about hackers stealing their personal data, but sometimes, the worst breaches come not from shadowy cybercriminals but straight from the companies we trust. According to a new report from Germany, the VW Group stored sensitive information for 800,000 electric vehicles from various brands on a poorly secured Amazon cloud—essentially leaving…
Category: Exposure
Conversation with a “Nam3L3ss” Watchdog, Part 2: Methods
This is a multi-part interview with the individual known as “Nam3L3ss” who leaked more than 100 databases on a popular hacking forum and will soon be leaking many more. Read the Preface. In Part 1, he answered some questions about his background and what motivated him to do what does. In this part, we talk…
Tracker firm Hapn spilled names of thousands of GPS tracking customers
Zack Whittaker reports: GPS tracking firm Hapn exposed the names of thousands of its customers due to a website bug, TechCrunch has learned. A security researcher alerted TechCrunch in late November to customer names and affiliations — such as the name of their workplace — spilling from one of Hapn’s servers, which TechCrunch has seen….
No need to hack when it’s leaking: Rapido edition
Jagmeet Singh reports: Rapido, a popular ride-hailing platform in India, has fixed a security issue that exposed personal information associated with its users and drivers, TechCrunch has exclusively learned. The flaw, discovered by security researcher Renganathan P, was related to a website form meant to collect feedback from Rapido auto-rickshaw users and drivers. The form…
No need to hack when it’s leaking: Cisco edition
The hacker and forum owner known as “IntelBroker” announced that he and others breached Cisco systems and obtained source code and other valuable information. In a forum post where they offered “partial Cisco” data, they admit that a Cisco error had enabled them to access the data: In October 2024, Cisco accidentally left open their…
UT Southwestern Medical Center has disclosed at least four breaches since July 2023. Is HHS investigating?
How many patient data breaches can a covered entity have before HHS OCR opens a serious investigation into their compliance with the HIPAA Security Rule? According to DataBreaches’ count, UT Southwestern Medical Center in Texas has disclosed at least four breaches since July 2023. As a brief recap of the first three: In July 2023,…