Cyber breaches abound in 2019

https://techcrunch.com/2018/12/26/cyber-breaches-abound-in-2019/

News of high-profile cyber breaches has been uncharacteristically subdued in recent quarters.

Is this a harbinger of a worse hacking landscape in 2019?

The answer is unequivocally yes. No question, cyber breaches have been a gigantic thorn in the side of the global economy for years. But expect them to be even more rampant in 2019, as steadily improving malware is deployed more aggressively on more fronts. At the same time, data-driven businesses are moving into the “target zone” of cyber attacks.

On the cybersecurity side, a growing number of experts believe that multi-factor authentication will become the standard for all online businesses.

Here are links to some articles that can hopefully help you to handle your cyber security better:

Cybersecurity 101: Why you need to use a password manager
https://techcrunch.com/2018/12/25/cybersecurity-101-guide-password-manager/

Cybersecurity 101: Five simple security guides for protecting your privacy
https://techcrunch.com/2018/12/26/cybersecurity-101-security-guides-protect-privacy/

622 Comments

  1. Tomi Engdahl says:

    China database lists ‘breedready’ status of 1.8 million women
    https://www.theguardian.com/world/2019/mar/11/china-database-lists-breedready-status-of-18-million-women

    Dutch researcher finds cache of information including phone numbers, addresses and ages

    Reply
  2. Tomi Engdahl says:

    Facebook’s Data Deals Are Under Criminal Investigation
    https://www.nytimes.com/2019/03/13/technology/facebook-data-deals-investigation.html#click=https://t.co/q4p5Ubs8FE

    Federal prosecutors are conducting a criminal investigation into data deals Facebook struck with some of the world’s largest technology companies, intensifying scrutiny of the social media giant’s business practices as it seeks to rebound from a year of scandal and setbacks.

    Facebook was already facing scrutiny by the Federal Trade Commission and the Securities and Exchange Commission. And the Justice Department’s securities fraud unit began investigating it after reports that Cambridge Analytica, a political consulting firm, had improperly obtained the Facebook data of 87 million people and used it to build tools that helped President Trump’s election campaign.

    Reply
  3. Tomi Engdahl says:

    Colin Lecher / The Verge:
    ACLU releases documents showing ICE lets over 9,200 employees access a controversial license plate database with little oversight — The ACLU published the emails today — Immigration and Customs Enforcement allows thousands of employees to access a controversial license plate database …

    Thousands of ICE employees can access license plate reader data, emails show
    The ACLU published the emails today
    https://www.theverge.com/2019/3/13/18262141/ice-license-plate-reader-database-aclu-emails

    Reply
  4. Tomi Engdahl says:

    Adam Vaughan / New Scientist:
    FamilyTreeDNA will let users block law enforcement from accessing data after report found the company gave the FBI access; EU users are automatically opted out — One of the biggest home DNA-testing companies seems to have bowed to a backlash over its decision to allow the FBI access to its database …

    Home DNA-testing firm will let users block FBI access to their data
    https://www.newscientist.com/article/2196433-home-dna-testing-firm-will-let-users-block-fbi-access-to-their-data/

    Reply
  5. Tomi Engdahl says:

    Report – Gearbest Hack: Hundreds of Thousands Affected Daily by Huge Data Breach
    https://www.vpnmentor.com/blog/gearbest-hack/

    VPNMentor’s research team discovered a major security breach in Gearbest.

    With hundreds of thousands of sales every day, Gearbest is a highly successful Chinese e-commerce company.

    vpnMentor can exclusively reveal that Gearbest’s database is completely unsecured – as are those belonging to its sister companies.

    Our hackers could access different parts of Gearbest’s database, including:

    Orders database
    Data includes products purchased; shipping address and postcode; customer name; email address; phone number
    Payments and invoices database
    Data includes order number; payment type; payment information; email address; name; IP address
    Members database
    Data includes name; address; date of birth; phone number; email address; IP address; national ID and passport information; account passwords

    We accessed these databases in March 2019, and discovered 1.5+ million records.

    Reply
  6. Tomi Engdahl says:

    Report – Dalil Data Breach: 5+ Million Users’ Data Exposed by Unsecured App
    https://www.vpnmentor.com/blog/dalil-data-breach/

    Dalil is the biggest phone directory in Saudi Arabia.

    With more than 5 million downloads, Dalil is the 13th most popular communications app in the Kingdom. For context, this is where Viber and Telegram rank in the US. 96% of its users are in Saudi Arabia; the remainder are in Egypt and other Arab countries.

    Dalil’s Database is Unsecured
    However suspicious some permissions may seem, they are not the root cause of Dalil’s security issues.

    All the user data gathered by the app is stored in an unsecured and unmonitored MongoDB database. It’s reachable without authentication, giving hackers password-free access to millions of people’s data.

    As well as the application log, this database includes both harvested and voluntarily-submitted personal information.

    Reply
  7. Tomi Engdahl says:

    Gearbest security lapse exposed millions of shopping orders
    https://techcrunch.com/2019/03/14/gearbest-orders-exposed/

    Reply
  8. Tomi Engdahl says:

    Ad Network Sizmek Probes Account Breach
    https://krebsonsecurity.com/2019/03/ad-network-sizmek-probes-account-breach/

    Online advertising firm Sizmek Inc. [NASDAQ: SZMK] says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers.

    In a recent posting to a Russian-language cybercrime forum, an individual who’s been known to sell access to hacked online accounts kicked off an auction for “the admin panel of a big American ad platform.”

    Reply
  9. Tomi Engdahl says:

    Zack Whittaker / TechCrunch:
    Researchers find unsecured database of Chinese online shopping giant Gearbest exposing 1.5M+ records, including customer data, orders, and payments

    Gearbest security lapse exposed millions of shopping orders
    https://techcrunch.com/2019/03/14/gearbest-orders-exposed/

    Reply
  10. Tomi Engdahl says:

    Ransomware Attack on Vendor Affects 600,000
    Healthcare Billing Services Vendor Notifying Individuals of Potential Data Exposure
    https://www.inforisktoday.com/ransomware-attack-on-vendor-affects-600000-a-12164

    A ransomware attack last fall on a company that provides billing and other business services to health plans and hospitals resulted in a breach affecting more than 600,000 individuals, according to Michigan state officials.

    The incident highlights the difficulty some organizations have in determining whether to report ransomware attacks as breaches to comply with the HIPAA Breach Notification Rule.

    More than 600,000 Michigan residents may have had their information compromised in the breach at Detroit-based Wolverine Solutions Group, according to a statement from Michigan Attorney General Dana Nessel and Anita Fox, director of the state’s department of insurance and financial services.

    Reply
  11. Tomi Engdahl says:

    Zack Whittaker / TechCrunch:
    Medical records management software provider Meditab had an unsecured fax server, leaking thousands of faxes, with info like doctor’s notes on patients, daily

    A huge trove of medical records and prescriptions found exposed
    Thousands of health records and doctor’s notes were exposed daily
    https://techcrunch.com/2019/03/17/medical-health-data-leak/

    A health tech company was leaking thousands of doctor’s notes, medical records, and prescriptions daily after a security lapse left a server without a password.

    The little-known software company, California-based Meditab, bills itself as one of the leading electronic medical records software makers for hospitals, doctor’s offices, and pharmacies. The company, among other things, processes electronic faxes for healthcare providers, still a primary method for sharing patient files to other providers and pharmacies.

    But that fax server wasn’t properly secured, according to the security company that discovered the data.

    Reply
  12. Tomi Engdahl says:

    Fourth Major Credential Spill in a Month Hits DreamMarket
    https://threatpost.com/fourth-credential-spill-dreammarket/142901/

    Gnosticplayers has released about 26 million records from what he said are breaches of six new companies.

    The hacker behind more than 840 million account records appearing for sale on the Dark Web in February (in dumps collectively known as Collections 1-3) is back with 26.42 more records from six companies.

    The adversary, who goes by the handle Gnosticplayers, is asking just 1.2431 in Bitcoin (roughly $4,940), according to ZDnet, which spotted the records for sale on DreamMarket over the weekend.

    Reply
  13. Tomi Engdahl says:

    HERE’S WHAT IT’S LIKE TO ACCIDENTALLY EXPOSE THE DATA OF 230M PEOPLE
    https://www.wired.com/story/exactis-data-leak-fallout/

    STEVE HARDIGREE HADN’T even gotten to the office yet and his day was already a waking nightmare.

    As he Googled his company’s name that morning last June, Hardigree found a growing list of headlines pointing to the 10-person marketing firm he’d founded three years earlier, Exactis, as the source of a leak of the personal records of nearly everyone in the United States.

    Using the scanning tool Shodan, Troia identified a misconfigured Amazon ElasticSearch server that contained the database, and then downloaded it. There he found 230 million personal records and another 110 million related to businesses—more than two terabytes of information in total.

    MARKETING FIRM EXACTIS LEAKED A PERSONAL INFO DATABASE WITH 340 MILLION RECORDS
    https://www.wired.com/story/exactis-database-leak-340-million-records/

    YOU’VE PROBABLY NEVER heard of the marketing and data aggregation firm Exactis. But it may well have heard of you. And now there’s also a good chance that whatever information the company has about you, it recently leaked onto the public internet, available to any hacker who simply knew where to look.

    Earlier this month, security researcher Vinny Troia discovered that Exactis, a data broker based in Palm Coast, Florida, had exposed a database that contained close to 340 million individual records on a publicly accessible server. The haul comprises close to 2 terabytes of data that appears to include personal information on hundreds of millions of American adults, as well as millions of businesses.

    Reply
  14. Tomi Engdahl says:

    E-Commerce Company Gearbest Leaked User Information
    https://www.securityweek.com/e-commerce-company-gearbest-leaked-user-information

    Chinese e-commerce company Gearbest has failed to properly secure some of its databases, thus leaking users’ personally identifiable information (PII), VPNMentor’s researchers have discovered. Gearbest has downplayed the impact of the incident, which it has blamed on an error made by a member of its security team.

    Highly successful, Gearbest sells electronics and appliances, clothing, accessories, and homeware. Owned by Chinese conglomerate Globalegrow, the company ships to most countries around the world and operates several internationally successful sites.

    Reply
  15. Tomi Engdahl says:

    Round 4 — Hacker Puts 26 Million New Accounts Up For Sale On Dark Web
    https://thehackernews.com/2019/03/data-breach-security.html

    A hacker who was selling details of nearly 890 million online accounts stolen from 32 popular websites in three separate rounds has now put up a fourth batch of millions of records originating from 6 other sites for sale on the dark web.

    Reply
  16. Tomi Engdahl says:

    257K Legal Documents Leaked By Unprotected Elasticsearch Server
    https://www.bleepingcomputer.com/news/security/257k-legal-documents-leaked-by-unprotected-elasticsearch-server/

    An unprotected 4.7 GB Elasticsearch cluster found on a US-based Amazon AWS server exposed 257,287 sensitive legal documents that came with a “not designated for publication” label.

    Security researcher Bob Diachenko who discovered the passwordless Elasticsearch server told BleepingComputer that he “analyzed 250-sampled extract, docs are compiled based on ‘type’ (which is ‘opinion’). Cases are from the 2002-2010 era, from all over the United States.”

    The exposed database of legal documents was uncovered as part of a greater scale initiative designed to discover misconfigured noSql databases (i.e., MongoDB, CouchDB, Elasticsearch) and report the findings to the organizations responsible to secure them.

    Reply
  17. Tomi Engdahl says:

    Zack Whittaker / TechCrunch:
    Medical records management software provider Meditab had an unsecured fax server, leaking thousands of faxes, with info like doctor’s notes on patients, daily

    A huge trove of medical records and prescriptions found exposed
    https://techcrunch.com/2019/03/17/medical-health-data-leak/

    Reply
  18. Tomi Engdahl says:

    Education and Science Giant Elsevier Left Users’ Passwords Exposed Online
    Due to a misconfigured server, a researcher found a constant stream of Elsevier users’ passwords.
    https://motherboard.vice.com/en_us/article/vbw8b9/elsevier-user-passwords-exposed-online

    Elsevier, the company behind scientific journals such as The Lancet, left a server open to the public internet, exposing user email addresses and passwords. The impacted users include people from universities and educational institutions from across the world.

    It’s not entirely clear how long the server was exposed or how many accounts were impacted, but it provided a rolling list of passwords as well as password reset links when a user requested to change their login credentials.

    “Most users are .edu [educational institute] accounts, either students or teachers,” Mossab Hussein, chief security officer at cybersecurity company SpiderSilk who found the issue, told Motherboard in an online chat. “They could be using the same password for their emails, iCloud, etc.”

    Elsevier is controversial, after acquiring a number of platforms that distributed academic material for free. Profit-driven Elsevier’s legal threats against other sites that openly host millions of scientific papers have forced them to go into the digital underground, and distribute their material with the protection of the Tor anonymity network. Some universities have boycotted Elsevier.

    Reply
  19. Tomi Engdahl says:

    Kaiser Health News:
    Report: US has spent $36B digitizing health records, which has risked patient safety with thousands of reports of deaths and injuries tied to software glitches

    Death By 1,000 Clicks: Where Electronic Health Records Went Wrong
    https://khn.org/news/death-by-a-thousand-clicks/

    The U.S. government claimed that turning American medical charts into electronic records would make health care better, safer, and cheaper. Ten years and $36 billion later, the system is an unholy mess. Inside a digital revolution that took a bad turn.

    Reply
  20. Tomi Engdahl says:

    Consumers May Lose Sleep Over These Two New Magecart Breaches
    https://www.riskiq.com/blog/labs/magecart-mypillow-amerisleep/

    We’ve now seen Magecart conduct numerous high-profile digital credit card-skimming attacks against major international companies to win unprecedented attention. Alongside British Airways, these attacks affected other brand names like Ticketmaster and Newegg.

    In this blog, we’ll document two Magecart-related breaches against bedding retailers MyPillow and Amerisleep. One has been resolved but was never disclosed,

    Reply
  21. Tomi Engdahl says:

    Facebook Stored Passwords of Hundreds of Millions Users in Plain Text
    https://www.securityweek.com/facebook-stored-passwords-hundreds-millions-users-plain-text

    Facebook today admitted to having stored the passwords of hundreds of millions of its users in plain text, including the passwords of Facebook Lite, Facebook, and Instagram users.

    Reply
  22. Tomi Engdahl says:

    Lorenzo Franceschi-Bicchierai / Motherboard:
    A consumer spyware vendor has left a server with 95K+ images and 25K+ audio recordings exposed, and has not fixed the leak yet, despite being warned weeks ago

    This Spyware Data Leak Is So Bad We Can’t Even Tell You About It
    https://motherboard.vice.com/en_us/article/j573k3/spyware-data-leak-pictures-audio-recordings

    A consumer spyware vendor left a lot of incredibly sensitive and private data, including intimate pictures and private call recordings, for all to see on a server freely accessible over the internet. And it still hasn’t taken the data down.

    A company that sells consumer-grade software that lets customers spy on other people’s calls, messages, and anything they do on their cell phones left more than 95,000 images and more than 25,000 audio recordings on a database exposed and publicly accessible to anyone on the internet. The exposed server contains two folders with everything from intimate pictures to recordings of phone calls, given that the app markets itself mostly to parents.

    This breach is just the latest in a seemingly endless series of exposures or leaks of incredibly sensitive data collected by companies that promise to provide services for parents to keep children safe, monitor employees, or spy on spouses. In the last two years, there have been 12 stalkerware companies that have either been breached or left data exposed online: Retina-X (twice), FlexiSpy, Mobistealth, Spy Master Pro, SpyHuman, Spyfone, TheTruthSpy, Family Orbit, mSpy, Copy9, and Xnore.

    Reply
  23. Tomi Engdahl says:

    Over 20,000 Facebook employees had access to 600 million user passwords
    https://www.engadget.com/2019/03/21/facebook-user-passwords-plain-text/?sr_source=Facebook&fbclid=IwAR2yAnc826Zaz_ECjms2WFK27tm7wtXb_gFCIIJZSf4t0vNKEyDQSDd0vqI&guccounter=1

    It will notify hundreds of millions of users after discovering credentials were stored in plain text.

    Reply
  24. Tomi Engdahl says:

    A family tracking app was leaking real-time location data
    https://techcrunch.com/2019/03/23/family-tracking-location-leak/

    A popular family tracking app was leaking the real-time locations of more than 238,000 users for weeks after the developer left a server exposed without a password.

    The app, Family Locator, built by Australia-based software house React Apps, allows families to track each other in real-time

    the backend MongoDB database was left unprotected and accessible by anyone who knew where to look.

    Based on a review of the database, each account record contained a user’s name, email address, profile photo and their plaintext passwords. Each account also kept a record of their own and other family members’ real-time locations precise to just a few feet. Any user who had a geofence set up also had those coordinates stored in the database, along with what the user called them — such as “home” or “work.”

    None of the data was encrypted.

    Reply
  25. Tomi Engdahl says:

    Washington Post:
    DHS watchdog report says FEMA exposed personal info of ~2.3M US disaster survivors, including some personal addresses and banking info, to a federal contractor

    FEMA ‘major privacy incident’ reveals data from 2.5 million disaster survivors
    https://www.washingtonpost.com/national/health-science/fema-data-breach-hits-25-million-disaster-survivors/2019/03/22/3e2c6232-4cec-11e9-93d0-64dbcf38ba41_story.html?utm_term=.9c278e0ea024

    The Federal Emergency Management Agency shared personal addresses and banking information of more than 2 million U.S. disaster survivors in what the agency acknowledged Friday was a “major privacy incident.”

    The data mishap, discovered recently and the subject of a report by the Department of Homeland Security’s Office of Inspector General, occurred when the agency shared sensitive, personally identifiable information of disaster survivors who used FEMA’S Transitional Sheltering Assistance program, according to officials at FEMA. Those affected included the victims of California wildfires in 2017 and Hurricanes Harvey, Irma and Maria, the report said.

    In a statement, Lizzie Litzow, FEMA’s press secretary, said, “FEMA provided more information than was necessary” while transferring disaster survivor information to a contractor.

    Reply
  26. Tomi Engdahl says:

    Industry Reactions to Norsk Hydro Breach: Feedback Friday
    https://www.securityweek.com/industry-reactions-norsk-hydro-breach-feedback-friday

    Norwegian aluminum giant Norsk Hydro has been hit by a serious ransomware attack that caused disruptions at some of its plants and forced the company to turn to manual processes to fulfill customer orders.

    The attack appears to have involved file-encrypting ransomware known as LockerGoga. However, Norsk Hydro claims it has good backups in place that should help it restore compromised files without having to pay the ransom.

    Cybersecurity expert Kevin Beaumont (blog post on his thoughts and analysis of the attack):

    “Hydro started the best incident representation response plan I’ve ever seen — they had a temporary website up, they told the press, they told their staff, they apparently didn’t hide any details — they even had daily webcasts with the most senior staff talking through what was happening, and answering questions.

    In contrast to some other incidents, their stock price actually went up — despite a difficult trading period for the past 2 years involving some major business setbacks, they have actually gained in value.

    Ray Walsh, digital privacy expert, BestVPN.com:

    “The surge in the price of aluminum since the cyber attack on the Norwegian producer Norsk Hydro is a stark reminder of the possible ramifications of targeted cyber attacks. Anytime that a large firm has a strong direct influence on the production of a material, it is possible that a large attack of this nature could disrupt distribution levels and therefore affect prices.

    Malcolm Taylor, Director Cyber Advisory, ITC Secure:

    “Supply chain risk through cyberattack has come to the fore recently. Not, I believe, because it’s become a greater issue or because of attacks like this which are highlighting it, but simply because there is a growing understanding of the inter-connected nature of modern commercial activity and just in time production, and crucially how empowered that is by technology. It may also be a factor, though I think sadly a smaller one, that as firms mature their cyber security, they have the wherewithal, in terms of understanding, time and budget, to begin to get to grips with the problem of their suppliers, which has made the issue gain prominence.

    Tyler Moffitt, Security Analyst, Webroot:

    “LockerGoga is a new ransomware variant that appears to be targeting European companies. So far, the notable victims have been Altran in France on Jan. 25 and Norsk Hydro in Norway in the past 24 hours. The encryption process used by LockerGoga is slow because it creates a new process each time it encrypts a new file and also exhibits no detection evasion techniques, showing a lack of sophistication. LockerGoga was signed using a valid Digital Certificate which has since been revoked.”

    Dean Weber, CTO, Mocana:

    “The Norsk Hydro attack goes to show that the reliance of operational technology (OT) systems on information technology (IT) platforms means that any attack is likely to impact both in industrial environments. By targeting and disabling IT systems, adversaries are able to cause a variety of subsequent issues affecting OT input/output, storage, data recorders, ICS/SCADA platforms and more. Why is the impact so widespread? Professionals are forced to disconnect IT systems for either protection purposes or for remediation activities.

    Reply
  27. Tomi Engdahl says:

    Watchdog: FEMA Wrongly Released Personal Data of Victims
    https://www.securityweek.com/watchdog-fema-wrongly-released-personal-data-victims

    The Federal Emergency Management Agency wrongly released to a contractor the personal information of 2.3 million survivors of devastating 2017 hurricanes and wildfires, potentially exposing the victims to identity fraud and theft, a government watchdog reported Friday.

    Reply
  28. Tomi Engdahl says:

    Glitch Exposes the Passwords of Roughly Half Billion Facebook and Instagram Users
    https://www.pandasecurity.com/mediacenter/social-media/glitch-facebook-instagram/

    Facebook exposed millions of user passwords to employees
    https://www.welivesecurity.com/2019/03/22/facebook-exposed-millions-passwords-employees/

    The social network says that the passwords were never exposed externally and that it found no abuse of the glitch

    Reply
  29. Tomi Engdahl says:

    Facebook stored millions of passwords in plain text
    By Sead Fadilpašić 2019-03-22T12:30:09Z Security
    https://www.itproportal.com/news/facebook-stored-millions-of-passwords-in-plain-text/

    Facebook employees have had access to the database, but apparently have not abused it.

    Reply
  30. Tomi Engdahl says:

    Nokia phones may have breached user data
    And may have sent it to the Chinese.
    https://www.itproportal.com/news/nokia-phones-may-have-breached-user-data/

    Reports are coming in that a certain Nokia phone model may have leaked personal information to a Chinese server, and Finnish authorities are moving in to investigate.

    The news was confirmed by Reuters recently, which confirmed that Finland’s data protection ombudsman would investigate the matter.

    Ombudsman Reijo Aarnio told Reuters he’d look into any potential breaches that involved “personal information and if there has been a legal justification for this.”

    According to local media, the device in question is the Nokia 7 Plus. The company that makes these phones, HMD Global, said that an “unspecified number” of these devices sent data to a Chinese server.

    Nokia, the company, didn’t want to comment.

    NRK’s revelations continue: in addition to the Nokia 2 and 7 Plus models, two other models also have an app that sends data to China
    https://yle.fi/uutiset/3-10701507

    According to a private individual, the Nokia 2 phone model had been sending data to a Chinese server for at least nine months. NRK also tested two other Nokia phones and found in them almost the same app as in the Plus 7 model.

    Reply
  31. Tomi Engdahl says:

    Family tracking app leaked real-time location data for weeks
    It would have let intruders spy on a child’s whereabouts.
    https://www.engadget.com/2019/03/24/family-tracking-app-leaked-real-time-location-data/

    Family tracking apps can be very helpful if you’re worried about your kids or spouse, but they can be nightmarish if that data falls into the wrong hands. Security researcher Sanyam Jain has revealed to TechCrunch that React Apps’ Family Locator left real-time location data (plus other sensitive personal info) for over 238,000 people exposed for weeks in an insecure database. It showed positions within a few feet, and even showed the names for the geofenced areas used to provide alerts. You could tell if parents left home or a child arrived at school, for instance.

    Reply
  32. Tomi Engdahl says:

    Two Finnish services breached: more than 300,000 urged to change their password
    https://www.is.fi/digitoday/tietoturva/art-2000006044515.html

    The Taloyhtio.Info and Tallier.Info services have been hit by a data breach. Intruders who gained access to the servers of Nebula, which is owned by telecom operator Telia, may have obtained users’ email addresses, names and passwords.

    Reply
  33. Tomi Engdahl says:

    https://www.tivi.fi/Kaikki_uutiset/suomalaispalveluun-tehtiin-tietomurto-yli-300-000-kayttajaa-suositellaan-vaihtamaan-salasanansa-6761887

    The Taloyhtio.info service, which makes life easier for residents of housing companies, has suffered a data breach. The details are still mostly unclear, but all users are urged to change their passwords.

    Reply
  34. Tomi Engdahl says:

    Over 100,000 GitHub repos have leaked API or cryptographic keys
    Thousands of new API or cryptographic keys leak via GitHub projects every day.
    https://www.zdnet.com/article/over-100000-github-repos-have-leaked-api-or-cryptographic-keys/

    A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with thousands of new repositories leaking new secrets on a daily basis.

    Reply
  35. Tomi Engdahl says:

    This Spyware Data Leak Is So Bad We Can’t Even Tell You About It
    https://motherboard.vice.com/en_us/article/j573k3/spyware-data-leak-pictures-audio-recordings

    A consumer spyware vendor left a lot of incredibly sensitive and private data, including intimate pictures and private call recordings, for all to see on a server freely accessible over the internet. And it still hasn’t taken the data down.

    Reply
  36. Tomi Engdahl says:

    2 Million Emails of 350K+ Clients Possibly Exposed in Oregon DHS Data Breach
    https://www.bleepingcomputer.com/news/security/2-million-emails-of-350k-clients-possibly-exposed-in-oregon-dhs-data-breach/

    The Oregon Department of Human Services (DHS) announced that roughly 2 million emails with Protected Health Information (PHI) from more than 350,000 customers have been potentially exposed after 9 employee mailboxes were compromised in a spear phishing attack.

    According to the Oregon DHS, its Enterprise Security Office Cyber Security team was the one which determined that the email boxes were breached on January 28, 2019.

    Reply
  37. Tomi Engdahl says:

    Unnamed stalkerware company has left gigabytes of sensitive personal info unprotected on the web and can’t be reached to fix it
    https://boingboing.net/2019/03/22/jfc-srsly-jfc.html

    Security researcher Cian Heasley discovered an unprotected online storage folder accessible via the web that contains all the data that stalkers and snoops took from their victims’ devices via a commercial program that steals photos and recordings from their devices.

    Included in the leak are 3.7GB of MP3 recordings (25,000 in total) of personal phone calls and 16GB of images (95,000 in total), including very sensitive and personal images.

    Both Heasley and Motherboard have repeatedly contacted the stalkerware company to alert them to the breach, but they have not received a response, despite multiple attempts. Out of an abundance of caution, Motherboard has not named the company while its customers’ victims’ data is exposed.

    Reply
  38. Tomi Engdahl says:

    Asus was warned of hacking risks months ago, thanks to leaky passwords
    https://techcrunch.com/2019/03/27/asus-hacking-risk/

    A security researcher warned Asus two months ago that employees were improperly publishing passwords in their GitHub repositories that could be used to access the company’s corporate network.

    “Companies have no clue what their programmers do with their code on GitHub,” said the researcher.

    Granted, this isn’t an issue limited to Asus. Other companies have been put at risk by exposed and leaked credentials or hardcoded secret keys. Last week, academics found more than 100,000 public repos storing cryptographic keys and other secrets.

    Reply
  39. Tomi Engdahl says:

    Zack Whittaker / TechCrunch:
    Rela, a popular Chinese lesbian dating app, exposed data on 5M users, including dates of birth, height and weight, and sexual preferences, since June 2018

    Rela, a Chinese lesbian dating app, exposed 5 million user profiles
    https://techcrunch.com/2019/03/27/rela-data-exposed/

    Rela (热拉), a popular dating app for gay and queer women, has exposed millions of user profiles and private data because a server wasn’t protected with a password.

    Victor Gevers, a security researcher at the GDI Foundation, found the exposed database this week, he told TechCrunch, containing more than 5.3 million app users.

    It’s believed the database had been exposed since June 2018

    “The privacy of five-plus million LGBTQ+ people face a lot of social challenges in China because there are no laws protecting them from discrimination,” said Gevers. “This data leak that has been open for years makes it even more damaging for the people involved who were exposed.”

    Reply
  40. Tomi Engdahl says:

    How Bad Can It Git? Characterizing Secret Leakage in Public GitHub Repositories
    https://www.ndss-symposium.org/ndss-paper/how-bad-can-it-git-characterizing-secret-leakage-in-public-github-repositories/

    GitHub and similar platforms have made public collaborative development of software commonplace. However, a problem arises when this public code must manage authentication secrets, such as API keys or cryptographic secrets. These secrets must be kept private for security, yet common development practices like adding these secrets to code make accidental leakage frequent.

    Reply
  41. Tomi Engdahl says:

    Nearly a Billion People’s Private Data Leaked in ‘BIGGEST BREACH
    https://sputniknews.com/amp/business/201903291073670978-biggest-breach-private-data-leaked/?__twitter_impression=true

    The breach was spotted accidentally when a security expert logged into an “email validation” firm’s website, and, having passed the verification stage, woke up to the fact that he had gained access to unknown people’s personal details.

    Security researchers have discovered that the email addresses of roughly 982 million people have been leaked

    While it is not yet known whether the breached data was accessed by any criminals, there is one positive thing about the whole matter: no passwords or credit card details were leaked on the database

    800+ Million Emails Leaked Online by Email Verification Service
    https://www.linkedin.com/pulse/800-million-emails-leaked-online-email-verification-bob-diachenko

    On February 25th, 2019, I discovered a non-password protected 150GB-sized MongoDB instance. This is perhaps the biggest and most comprehensive email database I have ever reported. Upon verification I was shocked at the massive number of emails that were publicly accessible for anyone with an internet connection.

    Reply
  42. Tomi Engdahl says:

    https://haveibeenpwned.com/PwnedWebsites#VerificationsIO

    Verifications.io
    In February 2019, the email address validation service verifications.io suffered a data breach. Discovered by Bob Diachenko and Vinny Troia, the breach was due to the data being stored in a MongoDB instance left publicly facing without a password and resulted in 763 million unique email addresses being exposed. Many records within the data also included additional personal attributes

    Reply
  43. Tomi Engdahl says:

    Brian Krebs / Krebs on Security:
    Earl of Sandwich and Planet Hollywood restaurant franchise owner admits a breach of its PoS systems where 2M+ credit and debit card details may have been stolen

    A Month After 2 Million Customer Cards Sold Online, Buca di Beppo Parent Admits Breach
    https://krebsonsecurity.com/2019/03/a-month-after-2-million-customer-cards-sold-online-buca-di-beppo-parent-admits-breach/

    On Feb. 21, 2019, KrebsOnSecurity contacted Italian restaurant chain Buca di Beppo after discovering strong evidence that two million credit and debit card numbers belonging to the company’s customers were being sold in the cybercrime underground. Today, Buca’s parent firm announced it had remediated a 10-month breach of its payment systems

    Reply
  44. Tomi Engdahl says:

    Millions of Toyota Customers in Japan Hit by Data Breach
    https://www.securityweek.com/millions-toyota-customers-japan-hit-data-breach

    Personal information belonging to millions of Toyota customers in Japan may have been compromised as a result of a breach suffered by a Toyota Motor Corporation (TMC) sales subsidiary and its affiliates.

    Reply
  45. Tomi Engdahl says:

    Bezos Investigation Finds the Saudis Obtained His Private Data
    The National Enquirer’s lawyer tried to get me to say there was no hacking.
    https://www.thedailybeast.com/jeff-bezos-investigation-finds-the-saudis-obtained-his-private-information?ref=home

    Reply
