Data Leaks of the Week – June 28, 2019

News

Avatar CybelAngel • June 28, 2019

A curated list of the top stories of the week concerning data leaks and digital threats.

NASA hacked: 500 MB of mission data stolen through a Raspberry Pi computer

By Aaron Mamiit, June 22, 2019, Digital Trends 

The National Aeronautics and Space Administration confirmed that its Jet Propulsion Laboratory (JPL) was hacked last year, with the attacker able to steal 500 MB of data related to the space agency’s missions, using a cheap Raspberry Pi computer. The attacker remained undetected for 10 months.

Taiwan’s Ministry of Civil Service suffers data breach impacting over 240,000 civil servants

By Cyware Team, June 26, 2019, Cyware

243, 376 Taiwanese civil servants’ information has been compromised and made available on foreign websites. The compromised information includes ID numbers, names, national identification card numbers, agency information, job designations, and the agencies the civil servants work for.

Desjardins, Canada’s largest credit union, announces security breach

By Catalin Cimpanu, June 20, 2019, ZDNet

Desjardins, Canada’s largest credit union and one of the world’s biggest banks, announced a security breach caused by a former employee. The former employee took the data of 2.9 million members (2.7 million home users and 173,000 businesses and associated contacts) from their database. Only PII was taken from the system, not any e-banking passwords, security questions, account PINs, or credit and debit card numbers.

Florida advertising agency suffers a breach: data about veterans’ combat injuries and other sensitive details leaked

By Lucia Danes, June 23, 2019, 2spyware

xSocial Media, an advertising agency based in Florida, encountered a data breach that exposed databases with details about past advertising campaigns. Hundreds of thousands of users’ details leaked, including information about medical malpractice cases and sensitive information about U.S military veterans’ combat injuries.

95,000 Delawareans impacted in data breach that lasted nearly nine years

Leaky Amazon S3 buckets expose data of Netflix, TD Bank

By Lindsey O’Donnell, June 27, 2019, ThreatPost

Three publicly-accessible cloud storage buckets from data management company Attunity leaked more than a terabyte of data from its top Fortune 100 customers – including internal business documents, system passwords, and sensitive employee information. Impacted customers whose files were discovered in the exposed datasets include Netflix, TD Bank, and Ford.

Data breach exposed apprentices’ passport details, employment agreements

By Rohan Pearce, June 27, 2019, ComputerWorld

An Amazon Web Services S3 bucket exposed sensitive data of the apprentice network provider called MGET, including passport scans, visa details, employment agreements, and performance warnings. MEGT itself did not set up the S3 bucket; it appeared to have been employed by a third-party service provider for a migration process involving the group training company.

 

Leaks are inevitable. Damage is optional.
Where has your enterprise's data leaked to?

See Your Data Leaks