Another day, another leak. Another leak, another entity claiming it’s not real data. Another leak, another frustrating experience trying to responsibly disclose. According to Safety Detectives, they found exposed data related to an app called Transact Campus: Transact Campus’ technology integrates several payment functions into a single mobile platform to power student purchases at higher…
Category: Exposure
AU: Researcher finds ACY Securities leaking 60 GB of User Data
ACY Securities describes itself as one of Australia’s fastest growing multi-asset online CFD trading providers. But as first reported by HackRead, the trading firm was leaking 60 GB of user data until independent researcher Anurag Sen persisted in trying to alert them to a misconfigured elasticsearch database. As seen by Hackread, the data included personally…
Icare sends private details of 193,000 workers to wrong employers
Lucy Cormack reports: The personal details of almost 200,000 injured workers were mistakenly shared with 587 employers and insurance brokers in a major privacy data breach by embattled state insurer icare last month. A senior source with direct knowledge of the breach said the details of 193,000 employees were contained in spreadsheets that were mistakenly…
Pegasus Airlines data breach exposes 6.5TB of flight and crew data
Pegasus Airlines, a Turkish low-cost carrier, has accidentally leaked around 6.5TB of personal information of flight crew, flight data, and source code after misconfiguring an AWS bucket. Read more at Teiss.
Trust Stamp, a facial recognition company with a $7.2 million ICE contract, had dozens of peoples’ data exposed in breach
Caroline Haskins reports: Trust Stamp, a government contractor that develops facial recognition and surveillance tools for agencies like Immigration and Customs Enforcement, left the personal information of several dozen people unsecured on a breached database, Insider has learned. This information included names, birthdays, home addresses, and driver’s license data. An anonymous tipster who said they…
Texas Department of Insurance leak went undetected for three years — state audit
On April 5, DataBreaches reported: And then there’s the Texas Department of Insurance. They informed the Texas Attorney General’s office that 1,800,000 Texas were affected by a leak involving names, addresses, dates of birth, phone numbers, parts or all of Social Security numbers, and information about injuries and workers’ compensation claims. Anyone who had claim…