Catalin Cimpanu reports: A British security researcher that goes online only by the name of InfoSec Guy revealed today that American Samoa domain registry ASNIC was using an outdated domain name management system that contained a bug allowing anyone to view the personal details of any .as domain owner. The researcher also claims that anyone…
Category: Exposure
Movimiento Ciudadano admits it was their copy of the Mexican voter list on AWS, tries to deflect blame to researcher
A reader kindly informed me that Movimiento Ciudadano, one of the political parties that had legitimate access to Mexico’s voter data list, has admitted it was responsible for the leak on Amazon. Except that as I read more, I realized they weren’t really admitting they were responsible for the leak. I’ve been trying to read/translate a number…
PH: BIR probes employees for leaking sensitive data
Ben O. de Vera reports: The Bureau of Internal Revenue (BIR) is looking into an alleged leak of confidential information obtained from tax tipsters. In Revenue Memorandum Circular No. 50-2016 issued last April 22, BIR Commissioner Kim S. Jacinto-Henares said the leak was allegedly perpetrated by the bureau’s own officers and employees. Henares said the…
GoldCorp hacked, data dumped
Yesterday I was contacted by hackers who claimed that GoldCorp, a gold-mining firm with headquarters in Vancouver, British Columbia (TSX:G NYSE: GG), had been “badly hacked” and its data dumped. I’ve written up the details we’ve found so far, and you can read all about it on The Daily Dot, where I’ll be contributing occasionally. And if you’re the hacker(s) who…
Demand letter served on poll body over disastrous ‘Comeleak’ breach
There continues to be a lot of media coverage of the COMELEC breach in the Philippines. Here’s an interesting response. Carlos Nazareno reports: The Center for International Law Philippines (Centerlaw), a human rights legal group, delivered on Monday, April 25, a demand letter to the Commission on Elections (Comelec) over its possible failure to reasonably protect the…
QNB, Al Jazeera, and other Qatar entities have their data leaked online
Doha News reports that clients of Qatar National Bank (QNB), employees at Al Jazeera Media Network, and even secret service agents have had what appears to be their details leaked. The names, phone numbers, bank passwords and other sensitive information of what appears to be a large number of Qatar National Bank (QNB) customers has…