23 Nov 2021

Data from millions of Brazilians exposed in Wi-Fi management software firm leak

The data of millions of Brazilians have been exposed by WSpot, a software provider that enables businesses to secure on-premise Wi-Fi networks and allow password-free online access to customers. The leak was discovered by SafetyDetectives after researchers found WSpot’s misconfigured Amazon Web Services bucket left exposed. The bucket contained 10GB

Read More
17 Aug 2021

Misconfigured Server Leaks US Terror Watchlist

Bob Diachenko, head of security research for Comparitech, stated that he discovered a configuration error that leaked a secret watchlist of suspected terrorists maintained by the FBI. Diachenko stated that he discovered the Terrorist Screening Center (TSC) list on July 19. The server was not fixed for several weeks despite

Read More
18 Jun 2021

A Billion CVS Records Exposed

More than one billion records pertaining to customers at CVS have been exposed due to a misconfiguration error on the service’s cloud database. The database was left unprotected, without a password required to access the sensitive data. The leak was discovered by researcher Jeremiah Fowler, who determined the size of

Read More
20 May 2021

Android apps exposed data of millions of users through cloud authentication failures

Check Point Research published a report on Thursday detailing Android apps that contain critical cloud misconfiguration that allow for the potential exposure of data belonging to 100 million users. The report states that 23 popular mobile apps contain a variety of misconfiguration of third-party cloud services, which are widely used

Read More
23 Sep 2020

Google Cloud Buckets Exposed in Rampant Misconfiguration

According to a new analysis, highly sensitive information is publicly available in a large percentage of cloud databases due to misconfiguration errors. A new survey of 2,064 Google Cloud buckets found that 6% were left open to the public internet, allowing anybody to access their contents. Among the exposed data

Read More
06 Jul 2020

V Shred Exposes Pics and PII on 100,000 Customers

V Shred, a US-based fitness company, suffered from a massive data breach due to a misconfigured Amazon database that left sensitive personal data and revealing photos of 100,000 customers open to the public. The S3 bucket contained over 1.3 million individual files, according to vpnMentor who discovered the leak on

Read More
06 May 2020

Hack Brief: An Adult Cam Site Exposed 10.88 Billion Records

CAM4, a popular adult video streaming platform, has been the victim of a data breach that exposed 10.88 billion records, including 7 terabytes of names, payment logs, email and chat transcripts, and sexual orientations. Safety Detectives, a security review site, reported that CAM4 had misconfigured an ElasticSearch production database and

Read More