A curated list of the top stories of the week concerning data leaks and digital threats.
Cybersecurity researchers found 540 million records of Facebook users in publicly accessible places on Amazon’s cloud servers. The records were reportedly stored there by a Facebook partner, a Mexico-based media company called Cultura Colectiva.
By Lawrence Abrams, April 3, 2019, Bleeping Computer
A vulnerability in a Georgia Tech web application allowed an attacker to gain access to the personal information of up to 1.3 million students, college applicants, staff, and faculty members. This information included names, addresses, social security numbers, and birth dates. This is the second incident in a year for the university.
By Balaji N, March 30, 2019, GBHackers On Security
A Toyota subsidiary’s network was compromised by unknown hackers who gained unauthorized access to the network where the company stored nearly 3.1 million customers’ sensitive information.
By Catalin Cimpanu, April 2, 2019, ZDNet
Automattic, the company behind the WordPress.com blogging platform, had a bug in its official iOS application that might have exposed users’ account authentication tokens to third-party websites. There is now a danger that WordPress.com authentication tokens are presently recorded in server logs on various websites and online services, and that unethical website owners or employees might go looking for these tokens in their web server logs.