Data Leaks of the Week – March 22, 2019


Avatar CybelAngel • March 22, 2019

A curated list of the top stories of the week concerning data leaks and digital threats.

These are the worst corporate hacks of all time

By Benedikt KammelDemetrios Pogkas and Mathieu Benhamou, March 18, 2019, Bloomberg

From Yahoo! to Equifax, a global review of major breaches involving almost 200 corporate, government and non-profit organizations over the course of more than a decade, taking into account breaches of 1 million accounts or more.

Serial hacker Gnosticplayers is back: puts up 26 million hacked databases for sale

By TimesNowNews team, March 19, 2019, TimesNowNews

After posting personal data of close to 843 million users of various popular websites on a Dark Web marketplace, the hacker Gnosticplayers has now put up the fourth set of nearly 26 million hacked databases for sale.

250,000 sensitive legal documents leaked online via unprotected Elasticsearch cluster

By Balaji N, March 16, 2019, GBHackers On Security

Security researchers discovered 257,287 highly sensitive legal documents from an unprotected Elasticsearch cluster that was hosted on a US-based Amazon AWS server.

Preventing “The Great Spreadsheet Escape:” lessons from BlackRock’s data leak

By Diane Robinette, March 20, 2019, Corporate Compliance Insights

A retake on the BlackRock data leak that happened in January, and a focus on a very peculiar kind of risk: spreadsheet leak.

Insecure database exposes 800,000 Singapore blood donors

By Sergiu Gatlan, March 15, 2019, Bleeping Computer

The personal information of 808,201 blood donors who registered to donate since 1986 in Singapore was exposed after the database which contained it was left unprotected on an Internet-facing server for more than two months.

French hacker helps government plug major Aadhaar data leak

By The Quint Team, March 20, 2019, The Quint

Famous French security researcher and hacker Elliot Alderson has claimed to have plugged a major data leak of government documents, including Aadhaar cards.

Aluminum manufacturing giant Norsk Hydro shut down by ransomware

By Zack Whittaker, March 19, 2019, TechCrunch

Norsk Hydro, one of the largest global aluminum manufacturers, has confirmed its operations have been disrupted by a ransomware attack. The full impact of the situation is still under assessment.

HIV data leak: Mikhy Farrera Brochez pleads not guilty in US court

By Chris Kenning, March 20, 2019, Channel NewsAsia

New updates on the trial of Mikhy Farrera Brochez, who is being accused of sharing the HIV-positive status and personal information of 14,200 people from Singapore’s HIV registry.

Facebook stored passwords in plain text for years

By Lindsey O’Donnell, March 21, 2019, Threatpost

Facebook acknowledged that their user passwords have been stored in plain text for years. Between 200 and 600 million passwords were searchable by Facebook employees, which put them at the mercy of human negligence.

Leaks are inevitable. Damage is optional.
Where has your enterprise's data leaked to?

See Your Data Leaks