A curated list of the top stories of the week concerning data leaks and digital threats.
By Sergiu Gatlan, May 7, 2019, Bleeping Computer
An unprotected Elasticsearch cluster found via a Shodan search exposed 37,900 records of Kool King Shop customers, a French online shop specifically tailored to be used by kids who bought Burger King menus. The 37,900 Kool King Shop member records contained personally identifiable information such as emails, passwords, names, phones, date of birth, etc.
By Charlie Osborne, May 8, 2019, ZDNet
Freedom Mobile, a major Canadian telecommunications provider, has revealed a data breach which may have exposed sensitive information belonging to thousands of customers. The database contained the email addresses of customers, phone numbers, home addresses, dates of birth, customer types, and IP addresses linked to payment methods.
By Zack Whittaker, May 8, 2019, TechCrunch
A development lab used by Samsung engineers was leaking highly sensitive source code, credentials, and secret keys for several internal projects — including its SmartThings.
By Charlie Osborne, May 7, 2019, ZDNet
Wyzant has revealed a data breach which has led to the compromise of user data including names, email addresses, and ZIP codes. The Facebook profile pictures used to sign into Wyzant were also placed at risk, which may be useful in phishing campaigns.
By Nick Paul Taylor, May 7, 2019, MedTech Dive
Touchstone Medical Imaging is set to pay $3 million, after one of its file transfer protocol web servers exposed public health information of more than 300,000 people in 2014.
By Gaurav Shukla, May 10, 2019, Gadget 360
A massive MongoDB database containing over 275 million records with personally identifiable information about Indian citizens was allegedly found unprotected and publicly indexed on the internet. The owners of the database have seemingly managed to scrape over 275,265,298 records of personal information about Indian job seekers.