Search Results for "misconfiguration"

RENAPER (Argentina) January 1, 2018 • [ leak, misconfiguration, government ] poor security

Bethesda Game Studios January 1, 2018 • [ leak, misconfiguration, technology ] accidentally published

BMO and Simplii January 1, 2018 • [ hack, misconfiguration, financial ] poor security

Epic Games Fortnite January 1, 2018 • [ hack, misconfiguration, technology ] vulnerability

Exactis January 1, 2018 • [ leak, misconfiguration, technology ] poor security

Facebook January 1, 2018 • [ leak, misconfiguration, technology ] poor security

Typeform January 1, 2018 • [ hack, misconfiguration, technology ] poor security

WordPress January 1, 2018 • [ hack, misconfiguration, technology ] vulnerabilities in plugins

RENAPER (Argentina)[90] January 1, 2018 • [ leak, misconfiguration, government ] poor security

RENAPER (Argentina)[90][91] January 1, 2018 • [ leak, misconfiguration, government ] poor security

RENAPER (Argentina)[91][92] January 1, 2018 • [ leak, misconfiguration, government ] poor security

RENAPER (Argentina)[94][95] January 1, 2018 • [ hack, misconfiguration, government ] poor security

Lyrics Mania December 21, 2017 • [ leak, misconfiguration, technology ] In December 2017, the song lyrics website known as Lyrics Mania suffered a data breach. The data in the breach included 109k usernames, email addresses and plain text passwords. Numerous attempts were made to contact Lyrics Mania about the incident, however no responses were received.

PetFlow December 9, 2017 • [ leak, misconfiguration, retail ] In December 2017, the pet care delivery service PetFlow suffered a data breach which consequently appeared for sale on a dark web marketplace. Almost 1M accounts were impacted and exposed email addresses and passwords stored as unsalted MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to "nano@databases.pw".

ai.type December 5, 2017 • [ leak, misconfiguration, technology ] In December 2017, the virtual keyboard application ai.type was found to have left a huge amount of data publicly facing in an unsecured MongoDB instance. Discovered by researchers at The Kromtech Security Center, the 577GB data set included extensive personal information including over 20 million unique email addresses, social media profiles and address book contacts. The email addresses alone were provided to HIBP to enable impacted users to assess their exposure.

dvd-shop.ch December 5, 2017 • [ leak, misconfiguration, retail ] In December 2017, the online Swiss DVD store known as dvd-shop.ch suffered a data breach. The incident led to the exposure of 68k email addresses and plain text passwords. The site has since been updated to indicate that it is currently closed.

Tenafly High School December 1, 2017 • [ insider, misconfiguration, education ] Tenafly High School informs parents that a student has gained access to its internal IT systems, changed grades to improve his GPA, and sent out college applications immediately after.

SchoolDesk November 6, 2017 • [ hack, misconfiguration, education ] Hackers from Team System Dz deface hundreds of websites across the US to post pro-ISIS messages, images of Saddam Hussein and a recruitment video. SchoolDesk, the Atlanta, Georgia-based web hosting company servicing these sites, confirmed the attack.

Hetzner November 1, 2017 • [ hack, misconfiguration, technology ] A key database operated by large South African data centre operator and website hosting service provider Hetzner is compromised, and the company advises clients to change their passwords immediately. Compromised data includes customer and bank account details.

blog October 26, 2017 • [ hack, misconfiguration, technology ] Two hackers going by the online handle of "n3tr1x" and "str0ng" deface the official blog (blog.jquery.com) of jQuery.

Search Results (misconfiguration)