Since 2015, this site has been reporting on data leaks due to misconfigured databases or devices that are indexed on shodan.io or other specialized search engines. Many of the leaks I have reported on involve AWS S3 buckets. And despite the fact that Amazon has issued reminders and guidance to its customers about securing buckets,…
Category: Of Note
UK: NHS data loss scandal deepens with further 162,000 files missing
Rajeev Syal and Denis Campbell report: The scandal over the biggest ever loss of NHS medical correspondence has deepened with the revelation that a further 162,000 documents went missing, in addition to the 702,000 pieces of paperwork already known to have gone astray. MPs said they were “dumbstruck” to learn that even more material relating…
Data breach exposes millions of South Africans’ personal records
Andrew Fraser reports: A huge trove of data, containing the personal information of millions of South Africans, including property ownership, employment history, income and company directorships, has been discovered by information security researcher Troy Hunt. Hunt, the founder of HaveIbeenPwned.com, said the breach contains data of more than 30m unique South African ID numbers. The…
South Korean Gov’t Investigating Bithumb Security Breach, World’s Largest Cryptocurrency Exchange
Joseph Young reports: Local news publications and leading media outlets in South Korea have reported that Bithumb, the world’s largest cryptocurrency exchange by trading volume, suffered a security breach that affected 30,000 users on the trading platform. Seoul Central Prosecutor’s Office for Advanced Criminal Investigation has announced that it had taken over the case and…
New attack works against all WPA2 WiFi networks: Android & Linux most vulnerable, but iOS and macOS too
Discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can…
Ransomware On The Rise: Dark Web Market Demand Up 2,500%
AJ Dellinger reports: The demand for ransomware attacks on dark web skyrocketed in the last year, with the marketplace showing a growth of more than 2,500 percent, according to a new report. United States-based cybersecurity company Carbon Black published a study titled “the Ransomware Economy” earlier this week that shows ransomware attacks are becoming increasingly…