Another day, another misconfigured MongoDB database installation. This one, uncovered by RiskBased Security, involved Udemy‘s Talentbuddy.co. RBS writes: In total, there have been 38,791 users accounts from the talentbuddy.co website and a further 22,761 users from the Talentguide.co website exposed, with usernames, email addresses, passwords, Linkedin profile information, and other site-related information such as registration dates,…
Category: Exposure
Nulled.io crime forum breach could cause a world of pain for members
Dan Goodin reports: A website that openly facilitated the brokering of compromised passwords, stolen bitcoins, and other sensitive data has been hacked, exposing login data, IP addresses, e-mail addresses, purchase histories, and private messages for some 500,000 members. Nulled.io, a hacker forum that used the tagline “expect the unexpected,” was compromised earlier this month in…
John McGuinness says HSE in “serious breach of data protection” as patient files stored in unlocked outhouses
MaryAnn Vaughan reports: A Kilkenny Dáil Deputy says the HSE locally has seriously breached Data Protection. John McGuinness says it was brought to his attention that there are boxes of patient and HSE workers’ files stored in unlocked outhouses at the site of their auxiliary hospital on Wolfe Tone Street in Kilkenny. Read more on…
Besa Mafia: Hitman For Hire Site Hacked, Data Dumped
RiskBased Security writes: News reports of websites being hacked and data being leaked has become an all too common occurrence. Most of the press focuses on popular or well known sites, rarely touching on leaks from sites that reside in the recesses of the “deep web” or “dark web”, accessible only by means such as…
Florida Medical Clinic, PA notifies 1,000 patients after Greenway Health error exposed PHI
The following statement was posted by Florida Medical Clinic, PA on their web site. The incident was reported to HHS on May 4 as impacting 1,000 patients. Please be advised from November 18th, 2015 to January 6th, 2016 your Florida Medical Clinic, PA patient due balance statement (sample statement attached) was accessible to industrial account…
Chinese Tycoons, Party Officials’ Data Leaked on Twitter
From Bloomberg News: Personal information on dozens of Chinese Communist Party officials and captains of industry from Jack Ma to Wang Jianlin may have been exposed on Twitter in one of the country’s biggest online leaks of sensitive information. Posts on Twitter from an account under the name “shenfenzheng” — which has since been frozen…