Browsing tag
Ghana’s National Service Secretariate – NSS – exposed 55GB worth of citizens’ data when an AWS S3 bucket used by the Secretariate suffered misconfiguration. VPNMentor’s cybersecurity researchers Noam Rotem and Ran Locar reported that Ghana’s National Service Secretariate – NSS – suffered a massive database misconfiguration that exposed data of up to 700,000 citizens from across […]
All a user required was to open Gumtree’s website and press the F12 button on Chrome or Firefox browsers to view users’ personal data. A UK-based classified site and used goods marketplace, Gumtree, exposed the home addresses of its users in its webpages source code. Gumtree is among the top 30 sites in Britain, and […]
Sennheiser left personal data of over 28,000 customers exposed on a misconfigured Amazon Web Services (AWS) server. According to a report from vpnMentor, the German audio equipment manufacturer, Sennheiser left an unsecured Amazon Web Services (AWS) server online. The server stored around 55GB of information on over 28,000 Sennheiser customers. AWS buckets are popular among […]
The database was left exposed on an Elasticsearch Cluster without any password or security authentication. StripChat is one of the top five adult cam sites on the internet. Earlier this month, this site suffered a database mess up that leaked sensitive data, including payment details and chat messages of roughly 200 million of the site’s […]
The data leak took place last month when the infamous Conti ransomware gang hacked Graff, a UK-based jewelry store Graff popular amongst the elite. In October 2021, the infamous Conti ransomware gang leaked thousands of records stolen from UK-based jewelry store Graff. In a surprising turn of events, the hackers have posted a statement to […]
Iranian Hackers Leaked Private Messages and sensitive data of 690,000 Israeli LGBTQ Dating App Atraf Users After $1 Million Ransom is Denied. An Iranian hacking group was denied its ransom demand worth around $1 million, after which it released sensitive private data of countless users of Atraf, an Israeli LGBTQ dating site. The group, known […]
The Quickfox VPN is mainly used by Chinese citizens living abroad who need to access Chinese websites as most of these sites are geo-restricted. Wizcase’s team of ethical researchers, led by Ata Hakcil, discovered a “critical leak” that the researchers found to be exposing personally identifiable information of at least one million users of a […]
At the time of publishing this article, the data was still exposed and growing as there has been no response from Hariexpress. The Brazilian E-commerce Marketplace Integrator platform Hariexpress (Hariexpress.com.br) has been caught exposing a massive trove of sensitive data belonging to its customers and vendors. In total, the company has exposed more than 610 […]
According to FarFaria, its apps are “created for children ages 2-9” meaning that the incident exposed children to cybercriminals. Another day, another data leak incident involving misconfigured and exposed MongoDB database – This time it is FarFaria, a San Francisco, CA-based company that offers storybooks for children service through Android and iOS apps. It all happened […]
Twitch has undergone a massive hack resulting in leaking the source code for its unreleased streaming service, creator payout details, and other sensitive information. The attack was carried out by a group that has labeled the leaked data as “Part One,” which indicates more installments will be coming up soon. According to sources, Twitch is […]
The data was exposed due to an unprotected Elasticsearch cluster and remained open to public access without any security authentication. Well-known security researcher Bob Diachenko discovered a ‘Giant’ blunder made by UK media outlet The Telegraph after it exposed 10 terabytes of subscribers’ data. According to Diachenko, the trove of records included subscriber information and […]
The Lockbit ransomware gang also claimed to have ”extra 200 GB” worth of Bangkok Airways data. On Thursday, Bangkok Airlines confirmed that the notorious LockBit ransomware gang ‘LockBit 2.0’ has stolen around 103 GB of data from the company and is now threatening to leak it online. Hackread.com can now confirm that the ransomware gang […]
EskyFun stored a trove of gamers’ data on an Elastricsearch server that was exposed to the public without any security authentication. The research team at vpnMentor reported an error on the part of famous Chinese Android game developer EskyFun that leaked sensitive data of at least one million online gamers. Reportedly, EskyFun used an unsecured Elasticsearch […]
The incident took place after the Elasticsearch server used by eHAC developers exposed the data due to misconfiguration. According to Indonesian health ministry official Anas Ma’ruf, the country’s COVID-19 test and trace application had an inherent security flaw due to which the personal information and health status of around 1.3 million individuals got exposed. Ma’ruf, […]
The hacker claims to have hacked T-Mobile’s production, development, and staging servers around two weeks back, including its Oracle database server. T-Mobile is currently investigating claims of unidentified hackers that they have stolen the personal data of 100 million of its customers. Some of the data is up for sale at a widely used hacker […]
The misconfigured S3 bucket was owned by SeniorAdvisor, a consumer ratings and reviews website. WizCase’s cybersecurity researchers discovered a misconfigured Amazon S3 bucket owned by SeniorAdvisor, one of the leading consumer ratings and reviews websites for senior care/services in the USA and Canada. The company aids senior citizens in finding care options in their localities. […]
The misconfigured Amazon S3 bucket belonged to Reindeer, a now-defunct marketing company based in the United States. Threat analysis from the WizCase security team led by Ata Hakçıl revealed a data leak impacting the now-defunct American marketing firm Reindeer. WizCase’s team of researchers identified that the data leak exposed sensitive personal data of the company, […]
Most of the email addresses checked by researchers contained .gov suffixes or indicated that the user worked for New York Police Department. In April 2021, a hacker dumped household data of 250 million Americans online, and now VPNMentor’s team of cybersecurity researchers led by Noam Rotem and Ran Locar discovered a misconfigured Cloud database stored on […]
In total, CPA exposed 502 GB worth of data without any security authentication. Anurag Sen, a security researcher identified a data leak in which a server belonging to the Calgary Parking Authority (CPA) was found exposing the private information of thousands of drivers across Calgary, including some user passwords. SEE: Database with millions of Instagram […]
The Elasticsearch database was left exposed without any security authentication which means it could have been accessed by anyone with access to a web browser, and a valid URL. Comparitech researchers published a report revealing details of an unprotected marketing database that leaked private details of about 35 million residents across Chicago, San Diego, and […]
The trove of data was left exposed unencrypted and without any password or security authentication. The team of IT security researchers at WizCase team discovered a misconfigured Amazon S3 bucket belonging to the online art retail service Artwork Archive. The incident affected around 7,000 customers including galleries, artists, and collectors. Private and Purchase Data Exposed […]