Full List

Search

Search Results (misconfiguration)

• Adobe Inc. January 1, 2019 • [ hack, misconfiguration, technology ] poor security
• Airtel January 1, 2019 • [ leak, misconfiguration, technology ] poor security
• Amazon Japan G.K. January 1, 2019 • [ leak, misconfiguration, retail ] accidentally published
• Capital One January 1, 2019 • [ leak, misconfiguration, financial ] unsecured S3 bucket
• ElasticSearch January 1, 2019 • [ leak, misconfiguration, technology ] poor security
• Facebook January 1, 2019 • [ leak, misconfiguration, technology ] poor security
• Facebook January 1, 2019 • [ leak, misconfiguration, technology ] accidentally uploaded
• Facebook January 1, 2019 • [ leak, misconfiguration, technology ] poor security
• First American Corporation January 1, 2019 • [ leak, misconfiguration, financial ] poor security
• Justdial January 1, 2019 • [ leak, misconfiguration, technology ] unprotected api
• Microsoft January 1, 2019 • [ leak, misconfiguration, technology ] data exposed by misconfiguration
• Quest Diagnostics January 1, 2019 • [ misconfiguration, healthcare ] poor security
• Verifications.io (first leak) January 1, 2019 • [ leak, misconfiguration, technology ] poor security
• Verifications.io (total leaks) January 1, 2019 • [ leak, misconfiguration, technology ] poor security
• IIMJobs December 31, 2018 • [ hack, leak, misconfiguration ] In December 2018, the Indian job portal IIMJobs suffered a data breach that exposed 4.1 million unique email addresses. The data also included names, phone numbers, geographic locations, dates of birth, job titles, job applications and cover letters plus passwords stored as unsalted MD5 hashes. The data was provided to HIBP by dehashed.com.
• OGUsers (2019 breach) December 26, 2018 • [ hack, misconfiguration, technology ] In May 2019, the account hijacking and SIM swapping forum OGusers suffered a data breach. The breach exposed a database backup from December 2018 which was published on a rival hacking forum. There were 161k unique email addresses spread across 113k forum users and other tables in the database. The exposed data also included usernames, IP addresses, private messages and passwords stored as salted MD5 hashes.
• The Wall Street Journal's website December 17, 2018 • [ hack, misconfiguration, technology ] The Wall Street Journal's website is defaced with a post containing a fake apology supporting YouTube megastar PewDiePie, previously accused of antisemitism by the same paper.
• Mappery December 11, 2018 • [ leak, misconfiguration, technology ] In December 2018, the mapping website Mappery suffered a data breach that exposed over 205k unique email addresses. The incident also exposed usernames, the geographic location of the user and passwords stored as unsalted SHA-1 hashes. No response was received from Mappery when contacted about the incident.
• City of Topeka December 7, 2018 • [ hack, misconfiguration, government ] Another possible Click2Gov breach: Topeka's third-party payment vendor is breached possibly exposing the personal information of about 10,000 residents.
• Bombuj.eu December 7, 2018 • [ leak, misconfiguration, technology ] In December 2018, the Slovak website for watching movies online for free Bombuj.eu suffered a data breach. The incident exposed over 575k unique email addresses and passwords stored as unsalted MD5 hashes. No response was received from Bombuj.eu when contacted about the incident.