Yle Uutiset: Public slams Finnish Transport Safety Agency for privacy breach

Yle Uutiset: Public slams Finnish Transport Safety Agency for privacy breach. “Trafi’s database required nothing more than a name to pull up a person’s driving information. The Finnish Transport Safety Agency (Trafi) on Sunday said it had suspended the service while it investigates whether the tool infringes on people’s data privacy and security. The database went public last July.”

HackenProof: New Data Breach exposes 57 million records

HackenProof: New Data Breach exposes 57 million records. “A massive 73 GB data breach was discovered during a regular security audit of publicly available servers with the Shodan search engine. Prior to this publication, there were at least 3 IPs with the identical Elasticsearch clusters misconfigured for public access. First IP was indexed by Shodan on November 14th, 2018. An open Elasticsearch instance exposed personal info of 56,934,021 US citizens, with information such as first name, last name, employers, job title, email, address, state, zip, phone number, and IP address.”

TechCrunch: Urban Massage exposed a huge customer database, including sensitive comments on its creepy clients

TechCrunch: Urban Massage exposed a huge customer database, including sensitive comments on its creepy clients. “Urban Massage, a popular massage startup that bills itself as providing ‘wellness that comes to you,’ has leaked its entire customer database. The London, U.K.-based startup — now known as just Urban — left its Google-hosted ElasticSearch database online without a password, allowing anyone to read hundreds of thousands of customer and staff records. Anyone who knew where to look could access, edit or delete the database.” The headline makes it sound like all massage clients might be creepy, but in fact there were clients who were problematic and those were the ones commented on.

ZDNet: Brazil’s largest professional association suffers massive data leak

ZDNet: Brazil’s largest professional association suffers massive data leak. “Brazil’s Federation of Industries of the State of São Paulo (FIESP) is being accused of exposing millions of personal data records from three of its databases online. FIESP represents about 130 thousand companies and is the largest class entity in the Brazilian industrial sector. The records leaked included names, ID and social security numbers, as well as full addresses, emails and telephone numbers.”

Slashgear: Hospitals, insurance companies leak more health data than hackers

Slashgear: Hospitals, insurance companies leak more health data than hackers. “Hospitals, insurance firms, physician offices, and similar companies leak more personal health data than hackers, a new study has revealed. According to researchers with two major US universities, more than half of personal health data breaches resulted from problems with the medical providers themselves rather than an external force, such as hackers.”

The Baltic Course: 120 gigabytes documents leaked out of SRS database in Latvia

The Baltic Course: 120 gigabytes documents leaked out of SRS database in Latvia. “The Latvian State Television (LTV) news magazine show “De facto” reported last night about the leak of 7.4 million documents (120 gigabytes) from the State Revenue Service’s (SRS) electronic declaration system (EDS).”