18 Sep 2019

Google Calendar Settings Gaffes Exposes Users’ Meetings, Company Details

Security researchers are warning that Google’s Calendar settings put billions of users at risk of accidentally exposing their personal or work calendars to the Internet. While this risk doesn’t result from a security vulnerability, analysts say that Google doesn’t adequately inform users that using a link to share their calendar

Read More
18 Sep 2019

400 Million Medical Radiological Images Exposed on the Internet

A recent study by Greenbone Networks uncovered 590 unprotected Picture Archiving and Communication System (PACS) servers across 52 countries that left a total of 24.3 million patient records exposed to the Internet. Healthcare organizations use PACS to store medical data from imaging devices like X-Ray, CT, or MRI machines. The

Read More
17 Sep 2019

Data of Virtually All Ecuadoreans Leaked Online

An unsecured cloud server has exposed highly sensitive personal data of practically all 17 million Ecuadoran citizens, including 6.7 million children. The leaked data affects around 20 million people (living or dead) and includes names, phone numbers, financial information, tax records and even government ID numbers called cédulas de identidad.

Read More
12 Sep 2019

198M records exposed on misconfigured database belonging to Dealer Lead

An unsecured Elasticsearch database by Dealer Leads, a provider of marketing services to the automotive industry, exposed 198 million records including full names, email addresses, phone numbers, physical addresses, internet addresses and other sensitive data. The database was discovered by a researcher with Security Discovery in August of this year.

Read More
12 Sep 2019

Instagram Confirms Security Issue Exposed User Accounts And Phone Numbers

A recently uncovered vulnerability in Instagram’s contact importer could have allowed threat actors to access private user data including full names, phone numbers and Instagram account numbers and handles. Facebook, which owns Instagram, has confirmed the flaw and resolved the issue. Exploitation of the vulnerability involved brute-forcing Instagram’s login form.

Read More
12 Sep 2019

Major Groupon, Ticketmaster Fraud Scheme Exposed By Insecure Database

Researchers with vpnMentor recently uncovered an unsecured database exposing 17 million emails to the Internet. When they tried to trace and alert the owner, they discovered that the leaky server was controlled by a cybercriminal network as part of a vast scam targeting Groupon, Ticketmaster and other online ticket vendors.

Read More
12 Sep 2019

D-Link, Comba network gear leave passwords open for potentially whole world to see

Security researchers with Trustwave have discovered that certain DSL modems and Wi-Fi routers produced by D-Link and Comba expose user passwords to the Internet as the result of various firmware vulnerabilities. D-Link devices are affected by two firmware bugs, one of which makes it possible to view a file containing

Read More
05 Sep 2019

Unsecured Facebook Server Leaks Data Of 419 Million Users

Facebook has exposed the phone numbers of 419 million users via an unsecured server, a security researcher has discovered. The massive leak affects 133 million users from the US, 50 million from Vietnam and 18 million from the UK. The leaked data also includes the unique Facebook account ID that the

Read More
04 Sep 2019

XKCD Forum Breach Exposes Emails, Passwords of 562,000 Users

Over half a million fans of the popular XKCD webcomic have been impacted by a security incident on July 1 that exposed a large data collection of the XKCD forums. The forums are currently offline and have been replaced by a breach notification mentioning that parts of the XKCD forums

Read More
03 Sep 2019

Data Leak Hits 2.5 Million Customers of Cosmetics Giant Yves Rocher

Security researchers with vpnMentor recently discovered that retail consultancy firm Aliznet was leaking the data of 2.5 million Canadian Yves Rocher customers via an unsecured Elasticsearch database. The exposed data includes names, phone numbers, email addresses, dates of birth and postcodes. In addition, the researchers found six million customer orders

Read More