ZDNet: Financial companies leak 425GB in company, client data through open database

ZDNet: Financial companies leak 425GB in company, client data through open database. “An open database is the source of a data leak leading to the exposure of 425GB in sensitive documents belonging to financial companies. On Tuesday, vpnMentor researchers led by Noam Rotem said the database appears to be connected to MCA Wizard, a now-defunct app that appears to have been developed by Advantage Capital Funding and Argus Capital Funding.”

The Register: Staffer emails compromised and customer details exposed in T-Mobile US’s third security whoopsie in as many years

The Register: Staffer emails compromised and customer details exposed in T-Mobile US’s third security whoopsie in as many years. “T-Mobile US was hacked by miscreants who may have stolen some customer information. The telco did not specify exactly when the intrusion took place (and has yet to respond to questions from The Register) in its Notice Of Data Breach.”

TechCrunch: A ‘stalkerware’ app leaked phone data from thousands of victims

TechCrunch: A ‘stalkerware’ app leaked phone data from thousands of victims. “The app, KidsGuard, claims it can ‘access all the information’ on a target device, including its real-time location, text messages, browser history, access to its photos, videos and app activities, and recordings of phone calls. But a misconfigured server meant the app was also spilling out the secretly uploaded contents of victims’ devices to the internet.”

ZDNet: 49 million user records from US data broker LimeLeads put up for sale online

ZDNet: 49 million user records from US data broker LimeLeads put up for sale online. “A hacker is currently selling a huge database of 49 million business contacts on a underground hacking forum, ZDNet has learned. The hacker claims the data belongs to LimeLeads, a San Francisco-based business-to-business (B2B) leads generator, which +makes its money by renting access to an internal database containing business contacts that can be used for pitches and sales.”

The Register: Why is a 22GB database containing 56 million US folks’ personal details sitting on the open internet using a Chinese IP address? Seriously, why?

The Register: Why is a 22GB database containing 56 million US folks’ personal details sitting on the open internet using a Chinese IP address? Seriously, why? . “A database containing the personal details of 56.25m US residents – from names and home addresses to phone numbers and ages – has been found on the public internet, served from a computer with a Chinese IP address, bizarrely enough.”

USA Today: ‘Hundreds of millions of people’ may have had their text messages exposed online, researchers say

USA Today: ‘Hundreds of millions of people’ may have had their text messages exposed online, researchers say. “A database housing millions of private SMS text messages was left open online for an extended period of time, a team of researchers at the online privacy company vpnMentor said Sunday. The Texas-based text messaging firm TrueDialog is thought to be responsible for the leak, the cybersecurity experts said.”

Wired: 1.2 Billion Records Found Exposed Online in a Single Server

Wired: 1.2 Billion Records Found Exposed Online in a Single Server. “For well over a decade, identity thieves, phishers, and other online scammers have created a black market of stolen and aggregated consumer data that they used to break into people’s accounts, steal their money, or impersonate them. In October, dark web researcher Vinny Troia found one such trove sitting exposed and easily accessible on an unsecured server, comprising 4 terabytes of personal information—about 1.2 billion records in all.”