Ars Technica: Members of violent white supremacist website exposed in massive data dump. “Private data for Iron March, a notorious website for violent white supremacists, has been published online in a stunning leak that exposes a trove of detailed information on as many as 1,000 or more members. The 1GB SQL database appears to contain the entirety of the site’s information, including user names, private messages, public posts, registered email addresses, and IP addresses.” Warning: some of the content quoted in this article is nauseatingly racist.
NBC News: Leaked documents show Facebook leveraged user data to fight rivals and help friends. “A cache of leaked Facebook documents shows how the company’s CEO, Mark Zuckerberg, oversaw plans to consolidate the social network’s power and control competitors by treating its users’ data as a bargaining chip. The documents were obtained and are being published by NBC News.”
TechCrunch: A network of ‘camgirl’ sites exposed millions of users and sex workers. “A number of popular ‘camgirl’ sites have exposed millions of sex workers and users after the company running the sites left the back-end database unprotected. The sites, run by Barcelona-based VTS Media, include amateur.tv, webcampornoxxx.net, and placercams.com. Most of the sites’ users are based in Spain and Europe, but we found evidence of users across the world, including the United States.”
Techdirt: Whirlpool Left Appliance Data, User Emails Exposed Online. “Another day, another shining example of why connecting everything from your Barbie dolls to tea kettles to the internet was a bad idea. This week it’s Whirlpool that’s under fire after a researcher discovered that the company had failed to secure a database containing 28 million records collected from the company’s ‘smart’ appliances. The database contained user email addresses, model names and numbers, unique appliance identifiers, and data collected from routine analysis of the appliances’ condition, including how often the appliance is used, when its off or on, and whether it had any issues.”
The Register: Time to check who left their database open and leaked 7.5m customer records: Hi there, Adobe Creative Cloud!. “Adobe has pulled offline a public-facing poorly secured Elasticsearch database containing information on 7.5 million Creative Cloud customers. The cloud-based silo was uncovered by infosec detective Bob Diachenko, who reported it to Adobe last week.”
ZDNet: Open database leaked 179GB in customer, US government, and military records. “An open database exposing records containing the sensitive data of hotel customers as well as US military personnel and officials has been disclosed by researchers. On Monday, vpnMentor’s cybersecurity team, led by Noam Rotem and Ran Locar, said the database belonged to Autoclerk, a service owned by Best Western Hotels and Resorts group.”
Des Moines Register: CenturyLink reports customer information exposed after 2.8 million records leaked. “A tech company with Iowa offices warns customers of leaked personal information, according to a CenturyLink Inc. email obtained by the Register. An incident with a third-party vendor led to customers’ personal information becoming public, according to the email sent to customers, including name, address, phone number and CenturyLink account number.”