A curated list of the top stories of the week concerning data leaks and digital threats.
By Catalin Cimpanu, March 12, 2019, ZDNet
63red Safe, a mobile app described as a “Yelp for conservatives” is leaking almost all of its data, according to a French cybersecurity researcher. Since the backend API needs no form of authentification, the app’s information can be easily extracted.
By Zack Whittaker, March 11, 2019, TechCrunch
More than 90 major tech companies and corporate giants left data inadvertently exposed in Box storage accounts. Sharing links were public by default and not updated. Leaked information included email addresses, passports, project proposals, and even donor information…
By Curtis Franklin Jr., March 11, 2019, DARKReading
A security researcher named Bob Diachenko found an exposed MongoDB instance containing a total of 150GB of data including approximately 763 million unique email addresses. That breach is the latest in a significant series of data breaches and exposures involving MongoDB.
By Connor Jones, March 11, 2019, ITPRO
Citrix has suffered a cyber attack that resulted in the loss of 6TB worth of data including emails, blueprints and other business documents. With multinational companies and state agencies as clients, Citrix could face strong consequences, especially in the European Union.
By Graham Stack, March 14, 2019, IntelliNews
A massive leak of hacked files, called the Ukrainian Papers, triggered a huge corruption scandal concerning Ukraine’s embattled President Petro Poroshenko, only two weeks away from presidential elections.
By Aneesha Mathur, March 14, 2019, India Today
Gearbest, a Chinese online shopping giant, has exposed millions of user profiles and shopping orders, due to an unprotected ElasticSearch server. Not only are the exposed orders a breach of customer privacy, but the exposed data could endanger customers in parts of the world where freedom of speech and expression is limited.
By Zeljka Zorz, March 12, 2019, Help Net Security
Arne Sorenson, the CEO of Marriott International, revealed more information about their recent breach, including how they discovered it.
By Pierluigi Paganini, March 12, 2019, SecurityAffairs
A cybersecurity researcher found an unprotected database in China containing the personal information of more than 1.8 million women. The database contained GPS coordinates, ID numbers, and a strange “BreedReady” status.
By Lawrence Abrams, March 14, 2019, BleepingComputer
Using the Shodan search engine, a security researcher found a large ElasticSearch database with approximately 33 million profiles for people seeking jobs in China.