Big Data | SC Media Big Data

Big Data

Best practices for reducing third-party risk

The simple truth is that the security measures organizations put in place are not enough to protect them from threats. Third parties can present the greatest area of risk exposure — both for data security and for regulatory compliance. It is much easier for hackers to penetrate smaller third-party vendors to get to larger business…

Wyze Labs data breach exposes 2.4 million, includes PHI

Security camera and smart device maker Wyze Labs has confirmed a data breach that left exposed a database containing information on reportedly 2.4 million of its users. Wyze Co-founder Dongsheng Song confirmed the data breach on December 27 and said the exposed database contained a large amount of personal, product and some medical information. Username…

1.6 billion LightInTheBox customer records left exposed

An unsecured database operated by the online retailer LightInTheBox left 1.3TB of data containing 1.6 billion shopper records exposed for a three-month period this year. In what the breach discovers VPNMentor described as a major lapse in LighInTheBox’s data security and potentially devastating to the victims exposing them to not only a cyberattack but potentially…

Unsecured server exposes 4 billion records, 1.2 billion people

Two security researchers have uncovered four billion records on 1.2 billion people on an unsecured Elasticsearch server impacting what is estimated to be hundreds of millions of people. The data itself comes from the data aggregator and enrichment companies People Data Labs (PDL) and OxyData.Io and contains basic personal information, such as names, home and…

Adobe leaves Creative Cloud database open, 7.5 million users exposed

An unsecured Elasticsearch database left exposed the account information of about 7.5 million Adobe Creative Cloud users. Comparitech, in association with security researcher Bob Diachenko, found the Adobe database, which could be accessed without a password or any login credentials. The company was notified on October 19 and the database was locked down that day.…

facebook server

Sleeping on the job? Verlo Mattress Factory exposes database

It looks like Verlo Mattress Factory forgot to leave off the last “S” for security: A security researcher has come across an open Elastic database set containing 387,000 records associated with customers of Verlo Mattress Factory. Jeremiah Fowler, senior security researcher with SecurityDiscovery.com, reported that he discovered the non-password protected database on September 5 that…

Gogo caught using fake Google SSL certificates

Malinda Air locks down publicly exposed servers

Indonesian budget airline Malindo Air reported on September 19 it had locked down the formerly publicly exposed servers that had compromised passenger data. The airline had confirmed just one day prior that passenger data had been compromised and that it was working with Amazon Web Services and its e-commerce partner GoQuo to investigate the problem.…

Secure signin

CirclCI data breach exposed customer GitHub and Bitbucket logins

The software integration firm CircleCI is informing its clients a third-party analytics vendor suffered an incident exposing login information for their GitHub and Bitbucket accounts. The company said in a statement it was informed of the breach on August 31, but affected customers who accessed the CircleCI platform starting June 30, 2019. The information compromised…

emails

Webcomic XKCD forum user data exposed

In an incident practically ripped from the plot of one of its own stories, the webcomic XKCD reported that user data from its online forum section was found in an exposed database. XKCD, which labels itself a “webcomic of romance, sarcasm, math, and language,” posted in a brief note that portions of its PHPBB user…

One million Luscious porn site accounts compromised

Researchers at VPNMentor were able to access almost more than one million user accounts associated with the pornographic website Luscious. VPNMentor’s Noam Rotem and Ran Locar found 1.195 million records associated with the one million registered site users containing a variety of information that could be ruinous to the individuals if released. The nature of…

Next post in Data Breach