Al Restar writes: Two popular cashback services have leaked nearly two terabytes worth of personally identifiable information (PII) and account data in an unprotected Elastic database. The two cashback websites have been operating mostly in the United Kingdom and India. Cybersecurity experts from the Security Detectives (sic) Research team discovered an unprotected Elasticsearch database containing at…
Category: Non-U.S.
Report: MCMC ends contract with company after massive 2017 phone data leak
Azril Annuar reports: The Malaysian Communications and Multimedia Commission (MCMC) has terminated the services of a firm hired back in 2017 to protect the personal data of mobile phone users. Thus comes after the personal data of the users, including details such as MyKad numbers were reportedly leaked by the same company. Online portal Malaysiakini reported that…
UK: Patient’s private answerphone message became Devon hospital’s voicemail
Okay, this is a bit different as far as breaches go. Anita Merritt reports: A Devon hospital has apologised after a caller’s voicemail, containing personal patient details, became the hospital’s answerphone message for more than seven hours. During that time the caller was inundated with calls from patients giving details about their health problems believing…
UK: ‘I feel violated’ – Hospital sends personal details of 11 patients to wrong address
David Hannant reports: A disabled mother-of-two says she feels violated after personal details about her sent by her hospital were delivered to the wrong address. Cireena Read, of Northrepps, was distraught when she opened a letter from the Norfolk and Norwich University Hospital informing her of the error, which saw personal and medical details about…
Sberbank says sensational data theft fully solved
Andrei Skvarsky reports: The source of last week’s sensational leak of Sberbank credit card details took “hours” to find out, Russia’s biggest lender said in announcing that the theft had been fully solved. The bank said in a statement that the data, which were put on sale in the black market, had been stolen by a junior…
JustDial fixes bug that allowed hackers access
The Economic Times reports: Local search service JustDial was found to contain a security flaw, through which a user account could potentially be hacked, but the company managed to rectify it in a day. A cyber security researcher, Ehraz Ahmed, uncovered the vulnerability, which was first reported by moneycontrol.com. Read more at Economic Times.