Big Data | SC Media

Big Data

Unsecured server exposes 4 billion records, 1.2 billion people

Two security researchers have uncovered four billion records on 1.2 billion people on an unsecured Elasticsearch server impacting what is estimated to be hundreds of millions of people. The data itself comes from the data aggregator and enrichment companies People Data Labs (PDL) and OxyData.Io and contains basic personal information, such as names, home and…

Adobe leaves Creative Cloud database open, 7.5 million users exposed

An unsecured Elasticsearch database left exposed the account information of about 7.5 million Adobe Creative Cloud users. Comparitech, in association with security researcher Bob Diachenko, found the Adobe database, which could be accessed without a password or any login credentials. The company was notified on October 19 and the database was locked down that day.…

facebook server

Sleeping on the job? Verlo Mattress Factory exposes database

It looks like Verlo Mattress Factory forgot to leave off the last “S” for security: A security researcher has come across an open Elastic database set containing 387,000 records associated with customers of Verlo Mattress Factory. Jeremiah Fowler, senior security researcher with SecurityDiscovery.com, reported that he discovered the non-password protected database on September 5 that…

Gogo caught using fake Google SSL certificates

Malinda Air locks down publicly exposed servers

Indonesian budget airline Malindo Air reported on September 19 it had locked down the formerly publicly exposed servers that had compromised passenger data. The airline had confirmed just one day prior that passenger data had been compromised and that it was working with Amazon Web Services and its e-commerce partner GoQuo to investigate the problem.…

Secure signin

CirclCI data breach exposed customer GitHub and Bitbucket logins

The software integration firm CircleCI is informing its clients a third-party analytics vendor suffered an incident exposing login information for their GitHub and Bitbucket accounts. The company said in a statement it was informed of the breach on August 31, but affected customers who accessed the CircleCI platform starting June 30, 2019. The information compromised…

emails

Webcomic XKCD forum user data exposed

In an incident practically ripped from the plot of one of its own stories, the webcomic XKCD reported that user data from its online forum section was found in an exposed database. XKCD, which labels itself a “webcomic of romance, sarcasm, math, and language,” posted in a brief note that portions of its PHPBB user…

One million Luscious porn site accounts compromised

Researchers at VPNMentor were able to access almost more than one million user accounts associated with the pornographic website Luscious. VPNMentor’s Noam Rotem and Ran Locar found 1.195 million records associated with the one million registered site users containing a variety of information that could be ruinous to the individuals if released. The nature of…

Data on 300K QuickBit crypto exchange customers exposed

The Swedish cryptocurrency exchange QuickBit was hit with a data breach affecting about 2 percent of its customer base through an unprotected MongoDB. Published reports put the number of accounts exposed at 300,000 with QuickBit stating the data involved was left unprotected while it was being migrated to a safer environment with names, addresses, e-mail…

5M records exposed by misconfigured MedicareSupplement.com MongoDB

A MedicareSupplment.com MongoDB containing more than five million records was found open to the public containing a wide range of PII. The records were found by the security firm Comparitech and researcher Bob Diachenko on May 13 containing first and last name, full address, IP address, email address, date of birth, gender and marketing-related information.…

Facebook’s xSocialMedia ad agency exposes 150K medical histories

Multiple databases belonging to the Facebook ad agency xSocialMedia have been found open exposing almost 150,000 records containing a wide variety of medical information derived from marketing campaigns run for medical malpractice lawsuits. The files were found by vpnMentor on June 2, and which have since been secured. The exposed information was gathered through Facebook…

Next post in Health Care