Security researchers are warning that Google’s Calendar settings put billions of users at risk of accidentally exposing their personal or work calendars to the Internet. While this risk doesn’t result from a security vulnerability, analysts say that Google doesn’t adequately inform users that using a link to share their calendar

A recent study by Greenbone Networks uncovered 590 unprotected Picture Archiving and Communication System (PACS) servers across 52 countries that left a total of 24.3 million patient records exposed to the Internet. Healthcare organizations use PACS to store medical data from imaging devices like X-Ray, CT, or MRI machines. The

An unsecured cloud server has exposed highly sensitive personal data of practically all 17 million Ecuadoran citizens, including 6.7 million children. The leaked data affects around 20 million people (living or dead) and includes names, phone numbers, financial information, tax records and even government ID numbers called cédulas de identidad.

An unsecured Elasticsearch database by Dealer Leads, a provider of marketing services to the automotive industry, exposed 198 million records including full names, email addresses, phone numbers, physical addresses, internet addresses and other sensitive data. The database was discovered by a researcher with Security Discovery in August of this year.

A recently uncovered vulnerability in Instagram’s contact importer could have allowed threat actors to access private user data including full names, phone numbers and Instagram account numbers and handles. Facebook, which owns Instagram, has confirmed the flaw and resolved the issue. Exploitation of the vulnerability involved brute-forcing Instagram’s login form.

Researchers with vpnMentor recently uncovered an unsecured database exposing 17 million emails to the Internet. When they tried to trace and alert the owner, they discovered that the leaky server was controlled by a cybercriminal network as part of a vast scam targeting Groupon, Ticketmaster and other online ticket vendors.

Security researchers with Trustwave have discovered that certain DSL modems and Wi-Fi routers produced by D-Link and Comba expose user passwords to the Internet as the result of various firmware vulnerabilities. D-Link devices are affected by two firmware bugs, one of which makes it possible to view a file containing

Facebook has exposed the phone numbers of 419 million users via an unsecured server, a security researcher has discovered. The massive leak affects 133 million users from the US, 50 million from Vietnam and 18 million from the UK. The leaked data also includes the unique Facebook account ID that the

Over half a million fans of the popular XKCD webcomic have been impacted by a security incident on July 1 that exposed a large data collection of the XKCD forums. The forums are currently offline and have been replaced by a breach notification mentioning that parts of the XKCD forums

Security researchers with vpnMentor recently discovered that retail consultancy firm Aliznet was leaking the data of 2.5 million Canadian Yves Rocher customers via an unsecured Elasticsearch database. The exposed data includes names, phone numbers, email addresses, dates of birth and postcodes. In addition, the researchers found six million customer orders