Data Leaks of the Week – April 26, 2019

News

Avatar CybelAngel • April 26, 2019

A curated list of the top stories of the week concerning data leaks and digital threats.

Hacker breaks into french government’s new secure messaging app

By Swati Khandelwal, April 19, 2019, The Hacker News

A white-hat hacker found a way to get into the French government’s newly launched, secure encrypted messaging app that otherwise can only be accessed by officials and politicians with email accounts associated with government identities.

Bodybuilders beware! One of the world’s largest online fitness stores hit by security breach

By Graham Cluley,  April 24, 2019, Hot For Security

Bodybuilding.com, one of the world’s largest and most popular online fitness stores, admitted that it had suffered a security breach that might have exposed customer data. Information which may have been accessed by the hackers include customers’ names, email addresses, and billing and shipping addresses.

Hotspot finder app blabs 2 million Wi-Fi network passwords

By Lisa Vaas, April 23, 2019, Naked Security

Thousands of people who downloaded a popular app called WiFi Finder found that it got handsy with users’ own home Wi-Fi, uploading their network passwords to a database full of 2 million passwords that was found exposed and unprotected online.

Bilibili source code containing user names and passwords leaked on GitHub

By Wei Cheng, April 23, 2019, TechNode

A repository containing a large number of usernames and passwords for Chinese video-streaming site Bilibili was found on open-source software development platform GitHub. The repository contained more than 50 megabytes of source code.

Over 60 million LinkedIn users’ records exposed in LinkedIn database

By the Information Security Newspaper team,  April 22, 2019, Information Security Newspaper

A cybersecurity investigator reported the finding of at least eight databases without online protection measures, containing about 60 million LinkedIn user records. These databases include information such as usernames, emails, and work history.

Millions of medical documents for addiction and recovery patients leaked

By Tara Seals,  April 22, 2019, threatpost

Tens of thousands of patients of a rehab clinic in Pennsylvania may find their personal information hijacked and manipulated by identity thieves or extortionists. An ElasticSearch database that was left open to the internet exposed about 4.9 million data points of personally identifiable information.

Ride-hailing company operating in Iran exposes data of Iranian drivers

By Pierluigi Paganini, April 21, 2019, Security Affairs

A security researcher discovered a database belonging to a ride-hailing company operating in Iran that was left exposed online without protection, containing over 6.7 million records of Iranian drivers.

Your Netflix Bandersnatch choices can be tracked by hackers

By Manisha Priyadarshini, April 22, 2019, FossBytes

Indian researchers have found that the choices we make in Netflix Bandersnatch interactive videos aren’t exactly private. The team says that Netflix’s encrypted interactive video traffic can be analyzed to find out what users are watching and the choices they make in interactive videos.

Leaks are inevitable. Damage is optional.
Where has your enterprise's data leaked to?

See Your Data Leaks