InfoSecurity: Marketer Exposes 198 Million Car Buyer Records

InfoSecurity: Marketer Exposes 198 Million Car Buyer Records. “Another unprotected Elasticsearch database has been discovered by researchers, this time exposing personally identifiable information (PII) linked to 198 million car buying records…. The non-password protected database contained a massive 413GB of data on potential car buyers, including names, email addresses, phone numbers, home addresses and more stored in plain text.”

TechCrunch: A huge database of Facebook users’ phone numbers found online

TechCrunch: A huge database of Facebook users’ phone numbers found online. “Hundreds of millions of phone numbers linked to Facebook accounts have been found online. The exposed server contained more than 419 million records over several databases on users across geographies, including 133 million records on U.S.-based Facebook users, 18 million records of users in the U.K., and another with more than 50 million records on users in Vietnam.”

TechCrunch: MoviePass exposed thousands of unencrypted customer card numbers

TechCrunch: MoviePass exposed thousands of unencrypted customer card numbers. “Mossab Hussein, a security researcher at Dubai-based cybersecurity firm SpiderSilk, found an exposed database on one of the company’s many subdomains. The database was massive, containing 161 million records at the time of writing and growing in real time. Many of the records were normal computer-generated logging messages used to ensure the running of the service — but many also included sensitive user information, such as MoviePass customer card numbers.”

Billions of records exposed: 2019 on track to be worst year ever for data breaches (USA Today)

USA Today: Billions of records exposed: 2019 on track to be worst year ever for data breaches . “The number of data breaches resulting in exposed records is up by 54% year over year in the first half of 2019, and the number of records exposed in those breaches is up by 52%. More than 3,800 data breaches were reported in the first six months of this year, and just eight of those exposed more than 3.2 billion records, nearly 80% of all records exposed so far in 2019.”

TechCrunch: An anonymous hentai porn site exposed over a million users’ emails

TechCrunch: An anonymous hentai porn site exposed over a million users’ emails. “A popular hentai porn site that promises anonymity to its 1.1 million users left a user database exposed without a password, allowing anyone to identify users by their email addresses. You might not have heard of Luscious.net unless you’re into hentai and manga porn but it’s one of the most popular websites in the U.S., ranking in the top 5,000 sites in traffic, per Alexa data.”

The Guardian: Major breach found in biometrics system used by banks, UK police and defence firms

The Guardian: Major breach found in biometrics system used by banks, UK police and defence firms. “The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defence contractors and banks.”

TechCrunch: Hundreds of exposed Amazon cloud backups found leaking sensitive data

TechCrunch: Hundreds of exposed Amazon cloud backups found leaking sensitive data. “How safe are your secrets? If you used Amazon’s Elastic Block Storage snapshots, you might want to check your settings. New research just presented at the Def Con security conference reveals how companies, startups and governments are inadvertently leaking their own files from the cloud.”