All posts in data leak

by Paul Ducklin Early disclaimer: this isn’t quite the mother of all data breaches, nor even perhaps a younger cousin, so you can stand down from Blue Alert right away. As far as we can tell, only names, email addresses and employers were leaked in the wrongly shared document. But . . . Read more
18 Jul, 2023
Australia, CXO, Cybersecurity, data leak, Data management, e-waste, environmental social and governance, ESG, life cycle management, risk, Security, Security News
0

Australia has an e-waste problem, and for all the conversations around climate change, energy use, plastics and other ESG matters, it’s surprising that more isn’t said about it. Image: aicandy/Adobe Stock Currently, just 12% of the nation’s computers are recycled, and Australia is the fourth-highest generator of e-waste per capita. . . . Read more

A straight-talking bug report written in plain English by an actual expert – there’s a teachable moment in this cybersecurity story!

Hey, let’s create a text file that lists our security contacts! We’ll call it… security DOT txt.
15 Dec, 2020
Breach, CT scans, data leak, DICOM, medical data, mri, network attached storage, personal healthcare information, PHI, PII, Security, Security News, sensitive data, X-ray
0

A six-month investigation by CybelAngel discovered unsecured sensitive patient data available for third parties to access for blackmail, fraud or other nefarious purposes. More than 45 million medical images—and the personally identifiable information (PII) and personal healthcare information (PHI) associated with them–have been left exposed online due to unsecured technology . . . Read more
07 Dec, 2020
barnes & noble, Brazil, Breach, Clop, conti, Dark Web, data leak, data theft, Defray 777, egregor, Embraer, Hacks, Kmart, leak site, Malware, RansomExx, Ransomware, Security News, Translink, ZDNET
0

The group published files stolen from the Brazilian aircraft manufacturer in a ransomware attack last month. Hackers have dumped sensitive company data that was stolen during a ransomware attack last month on aircraft manufacturer Embraer. The compromised data appeared on a new dark web site created to publish leaked information, . . . Read more
03 Dec, 2020
Breach, clop ransomware, Credit Card Theft, data leak, data theft, E-Land, E-Land Global, Hacks, Malware, NC Department Store, New Core, point of sale malware, pos, Ransomware, ransomware gang, Security News, South Korea, Web Security
0
The ransomware group pilfered payment-card data and credentials for over a year, before ending with an attack last month that shut down many of the South Korean retailer’s stores.
01 Dec, 2020
Amazon AWS S3 bucket, Azure blob, Breach, cayman islands, Cloud misconfiguration, Cloud Security, data leak, investment firm, Microsoft Azure Blob, offshore banking, personal information, Privacy, Security News, security vulnerability, Vulnerabilities
0
An offshore Cayman Islands bank’s backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data and even online banking PINs.
11 Nov, 2020
Android, COVID-19, data breach, data leak, Dure Technologies, Healthcare data, iOS, Mobile Security, Pandemic, Philippines, Philippines Department of Health, Privacy, Security, Security News, The Citizen Lab, University of Toronto, Vulnerabilities, Web, world health organization
0

Philippines COVID-KAYA app allowed for unauthorized access typically protected by ‘superuser’ credentials and also may have exposed patient data. A platform used by healthcare workers in the Philippines designed to share data about COVID-19 cases contained multiple flaws that exposed healthcare worker data and could potentially could have leaked patient . . . Read more
09 Nov, 2020
10 million records, AWS S3 Bucket, booking.com, Breach, cloud hospitality, Cloud misconfiguration, Cloud Security, credit card fraud, data leak, Expedia, exposure, hotel records, hotel reservations, prestige, Security News, Vulnerabilities, website planet
0
A cloud misconfiguration affecting users of a popular reservation platform threatens travelers with identity theft, scams, credit-card fraud and vacation-stealing. A widely used hotel reservation platform has exposed 10 million files related to guests at various hotels around the world, thanks to a misconfigured Amazon Web Services S3 bucket. The . . . Read more