Ben Livingston reports: The Washington State Liquor and Cannabis Board is working to notify marijuana license applicants whose personal information was accidentally distributed by the agency in response to a public records request. The data may include social security numbers, driver’s license numbers, financial information, tax information and attorney-client privileged information. The LCB had redacted…
Category: Exposure
Info on international students and hosting families exposed in misconfigured database
It may be hard to resist naming a database after a favorite movie, but a database named “Coruscant” caught a researcher’s eye when the researcher was searching Shodan.io for exposed databases. And the rest, as they say, well… read on. The Cambridge Institute of International Education (CIIE) is a Boston-based educational consulting firm whose mission is to boost the…
Spanish police organization hacked; agents’ info allegedly dumped
HackKnowledge.in reports that a hacker who uses the Twitter handle @FkPoliceAnonOps claims to have hacked the Mutual Social Security Police (mupol.es) and dumped information on 5,400 agents. The leaked data contains full names, email addresses, national ID numbers, and hashed passwords. Although law enforcement is investigating, it does appear that there is any official confirmation as to the accuracy…
100 million accounts for VK, Russia’s Facebook, show up on dark web
Joseph Cox reports: Accounts for over 100 million users of popular social media site VK.com are being traded on the digital underground. Breach notification site LeakedSource obtained the data and published an analysis on Sunday. The hacker known as Peace, meanwhile, listed the data for sale on a dark web marketplace. […] Peace provided Motherboard…
Sh0ping.su Hacked, Thousands of Credit Cards and Accounts Leaked
Waqas writes: … The hackers behind the leak claim to have leaked 16,000 ShOping.su’s registered accounts, 15,000 user accounts which were stolen from other sites and stored on the hacked servers and around 9000 credit card data. Hacked-DB, the data mining company who first discovered the data contacted HackRead with an in-depth analysis according to them the leaked data is…
Defunct undergrad law society site exposed hundreds of SSNs
Penn State University recently reported an incident to the New Hampshire Attorney General’s Office that involves a now-defunct club. According to their report, the university was notified on April 13 that a historical document uploaded to the Undergraduate Law Society‘s web site was a spreadsheet that contained two fields – SSN and DOB – that…