Catalin Cimpanu reports: More than 100 smart irrigation systems were left exposed online without a password last month, allowing anyone to access and tamper with water irrigation programs for crops, tree plantations, cities, and building complexes. The exposed irrigation systems were discovered by Security Joes, a small boutique security firm based in Israel. Read more on…
Category: Exposure
Mount Diablo Unified District responds to SchoolMessenger leak
On September 21, the Mount Diablo Unified District notified parents of a breach involving the SchoolMessenger app by Intrado. Their letter explains that on September 14, 2020, the district was informed that “when certain parents were using the SchoolMessenger mobile application, they were able to view a list of roughly thirty (30) unique names, emails,…
Names, Private Information Of Child Sex Crime Victims Were Illegally Made Public In Cook County Court Records
Samah Assad, Christopher Hacker, and Brad Edwards report: Cook County officials left the personal information of child sex crime victims in public court records, violating a state law that requires those details be kept hidden. The person charged with protecting those victims’ privacy in the records, Circuit Court Clerk Dorothy Brown, refused to restrict access to them for more than a month after being told about…
Data on 2,750 partner firms of Japan Post unit leaked
Oops! JIJI reports: A computer file containing data on 2,750 business partners of a unit of Japan Post Co. has been leaked, the parent company said Tuesday. On Oct. 6, an employee of the Tokyo-based unit, Japan Post Trading Service Co., which conducts catalog-based sales of midsummer and year-end gifts handled at post offices, mistakenly…
Virtual learning company admits releasing student data in bid to expand in Missouri
Kurt Erikson reports: A company offering virtual learning programs in Missouri “inadvertently” released student information as it worked the Capitol halls earlier this year in a bid to make it easier to expand its offerings. [,,,] In an Aug. 20 letter, Christopher Neale, assistant commissioner of the Missouri Department of Elementary and Secondary Education, said…
Twitter-Owned SDK Leaking Location Data of Millions of Users
Joseph Cox reports: A series of popular apps using an outdated piece of code owned by Twitter are exposing their users’ location data. In total, the apps have been downloaded nearly 10 million times. The news highlights the continued role of software development kits (SDKs), small bundles of code that developers often add to their…