Zack Whittaker reports: Urban Massage, a popular massage startup that bills itself as providing “wellness that comes to you,” has leaked its entire customer database. The London, U.K.-based startup — now known as just Urban— left its Google-hosted ElasticSearch database online without a password, allowing anyone to read hundreds of thousands of customer and staff…
Category: Non-U.S.
Private data of users of PratenOnline.nl stolen and held for ransom?
Damn. This is a breach involving highly sensitive data. I am publishing a Google translation of a report that appeared on Security.nl. If you can read Dutch, please go read the original report. I hope that Security.nl understands that I am using their content because this breach is so serious and I want my readers to…
UK’s ICO fines Uber £385,000 over data protection failings
The monetary penalties levied against ride-sharing giant Uber for covering up a 2016 breach continue to mount. From the ICO’s office: The Information Commissioner’s Office (ICO) has fined ride sharing company Uber £385,000 for failing to protect customers’ personal information during a cyber attack. A series of avoidable data security flaws allowed the personal details…
Bulgarian Prosecutors Detain Three Hackers Allegedly Involved in $5 Million Crypto Theft
Helen Partz reports: Bulgarian Gendarmerie forces and specialized prosecutors have arrested three hackers allegedly involved in stealing $5 million in crypto, Sofia-based newspaper 24 Chasa reports Monday, Nov. 26. Bulgarian police reportedly seized cryptocurrencies worth around $3 million, as well as the equipment allegedly used by the thefts, including computers, flash drives, and a hardware…
UK cops won’t go after researcher who reported security issue to York city officials
Catalin Cimpanu reports: North Yorkshire Police said today they’re not pursuing a criminal case against the researcher who found a vulnerability in a mobile app developed by the York city council. City officials had reported the researcher to police earlier this month, but North Yorkshire Police said “the researcher has acted correctly.” Read more on…
Belgian Data Protection Authority reports jump in data breach notifications
Telecompaper reports: The Belgian Data Protection Authority reported a sharp increase in the number of data breaches reported to the regulator since the EU’s General Data Protection Regulation took effect in May, at 317 compared to 13 in 2017. The health, insurance, government, telecom and financial sectors were the top sources of the notifications. The…