data leak

Pierluigi Paganini August 07, 2018
Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. Security experts from Group-IB, an international company specializing in preventing cyberattacks and developing information security solutions, has investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. Within a year, the number […]

Pierluigi Paganini August 06, 2018
TCM Bank: website misconfiguration exposed applicant data for 16 months

TCM Bank announced that a Web site misconfiguration exposed applicant data for 16 months, between early March 2017 and mid-July 2018 TCM Bank, a subsidiary of ICBA Bancard, serves as a trusted advisor to community banks, it serves as a direct issuer of credit cards for more than 750 small and community U.S. banks who prefer […]

Pierluigi Paganini August 05, 2018
Salesforce warns of API error that exposed Marketing data

The US Cloud-based customer relationship management software giant Salesforce is warning marketing customers of a data leakage caused by an API error. The US cloud computing company Salesforce is warning marketing customers of a data leakage caused by an API error. The incident could potentially affect a large number of companies, including Aldo, Dunkin Donuts, GE, HauteLook, Nestle Waters, and Sony. The […]

Pierluigi Paganini July 19, 2018
Expert discovered RoboCent AWS S3 bucket containing US voters’ records exposed online

A security researcher has discovered that the US political robocall firm RoboCent exposed personal details of hundreds of thousands of US voters. The US political robocall firm RoboCent exposed personal details of hundreds of thousands of US voters. The researcher Bob Diachenko from Kromtech Security discovered the company database exposed online. The expert was using the online service GrayhatWarfare that could be […]

Pierluigi Paganini July 11, 2018
Hacker offered for sale US Military Reaper Drone documents for $200

Researchers at threat intelligence firm Recorded Future have reported that a hacker was trying to sell US Military Reaper drone documents for less than $200. The news is disconcerting, the hackers may have obtained the documents related to the Reaper drone by hacking into at least two computers belonging to U.S. military personnel. “Specifically, an English-speaking hacker claimed […]

Pierluigi Paganini July 01, 2018
Data Broker Exactis data breach, one of the biggest ever, exposes millions of Americans

Security expert Vinny Troia has found a huge trove of data belonging to millions of Americans that were left unsecured online.  The security researcher Vinny Troia was analyzing the level of security for Elasticsearch installs exposed online when discovered millions of records belonging to Americans that were left unsecured online. The expert used Shodan to find U.S. […]

Pierluigi Paganini June 30, 2018
Facebook Quiz app NameTests left 120 Million users’ data exposed online

Experts discovered a third-party quiz app, called NameTests, that was found exposing data of up to 120 million Facebook users. A bug on the Nametests.com exposed data of over 120 million users who took personality quizzes on Facebook, the good news is that the flaw was addressed as part of the Facebook’s Data Abuse Bounty Program launched […]

Pierluigi Paganini June 04, 2018
Thousands of organizations leak sensitive data via misconfigured Google Groups

Security experts reported widespread Google Groups misconfiguration exposes sensitive information. Administrators of organizations using Google Groups and G Suite must review their configuration to avoid the leakage of internal information. Security researchers from Kenna Security have recently discovered that 31 percent of 9,600 organizations analyzed is leaking sensitive e-mail information. The list of affected entities also includes […]

Pierluigi Paganini May 27, 2018
A bug in T-Mobile site allowed anyone see any customer’s account details

A flaw in T-Mobile’s website allowed anyone to access the personal account details of any customer by providing their mobile number. The bug discovered by the researcher Ryan Stevenson resides in the T-Mobile subdomain promotool.t-mobile.com used by the staff as a customer care portal to access the company’s internal tools. The promotool.t-mobile.com subdomain contained a hidden API that would […]

Pierluigi Paganini May 19, 2018
A dataset of 200 million PII exfiltrated from several Japanese websites offered on underground market

FireEye iSIGHT Intelligence discovered on the underground market a dataset allegedly containing 200 million unique sets of personally identifiable information stolen from several popular Japanese websites. Security experts from FireEye iSIGHT Intelligence have discovered on underground forums a dataset allegedly containing 200 million unique sets of personally identifiable information (PII) stolen from several popular Japanese website databases. It’s […]