New York Times: Facebook, Fearing Public Outcry, Shelved Earlier Report on Popular Posts

New York Times: Facebook, Fearing Public Outcry, Shelved Earlier Report on Popular Posts. “In that report, a copy of which was provided to The Times, the most-viewed link was a news article with a headline suggesting that the coronavirus vaccine was at fault for the death of a Florida doctor. The report also showed that a Facebook page for The Epoch Times, an anti-China newspaper that spreads right-wing conspiracy theories, was the 19th-most-popular page on the platform for the first three months of 2021.”

Engadget: T-Mobile confirms data breach affects over 47 million people

Engadget: T-Mobile confirms data breach affects over 47 million people. “As part of its ongoing data breach investigation, T-Mobile has confirmed the enormity of the stolen information. Roughly 47.8 million current and former or prospective customers have been affected by the cyberattack on its systems, the carrier confirmed on Wednesday. Of that number, about 7.8 million are current T-Mobile postpaid accounts and the rest are prior or potential users who had applied for credit, the company added in a press release.”

Infosecurity Magazine: Over 60 Million Americans Exposed Through Misconfigured Database

Infosecurity Magazine: Over 60 Million Americans Exposed Through Misconfigured Database. “Security researchers have discovered an online database completely unsecured and exposed to the public internet, containing the personal details of at least 63 million Americans. A team at vpnMentor led by Ran Locar and Noam Rotem found the Elasticsearch database wide open during a ‘routine research project.’”

Techdirt: Hacked Florida Water Plant Found To Have Been Using Unsupported Windows 7 Machines And Shared Passwords

Techdirt: Hacked Florida Water Plant Found To Have Been Using Unsupported Windows 7 Machines And Shared Passwords. “If you’re not in the IT space, this is base level stuff. Have your computer systems on operating systems that are under active support and are being patched. That is doubly so for any systems that are critical, or which have access to critical systems. And to not have any client security, such as a local software firewall, on such a machine is IT malpractice. On top of the above, it appears that TeamViewer hadn’t been actively used by the staff there for nearly six months.”

InfoSecurity Magazine: Cook County Leaks 320,000 Court Records

InfoSecurity Magazine: Cook County Leaks 320,000 Court Records. “Over 320,000 court records belonging to the second most populous county in the US have been discovered sitting on a misconfigured online database. Security researcher Jeremiah Fowler and a team from Website Planet soon found that the data was all from Cook County, Illinois, which is home to America’s third-largest city, Chicago.”

ZDNet: Financial companies leak 425GB in company, client data through open database

ZDNet: Financial companies leak 425GB in company, client data through open database. “An open database is the source of a data leak leading to the exposure of 425GB in sensitive documents belonging to financial companies. On Tuesday, vpnMentor researchers led by Noam Rotem said the database appears to be connected to MCA Wizard, a now-defunct app that appears to have been developed by Advantage Capital Funding and Argus Capital Funding.”

The Register: Staffer emails compromised and customer details exposed in T-Mobile US’s third security whoopsie in as many years

The Register: Staffer emails compromised and customer details exposed in T-Mobile US’s third security whoopsie in as many years. “T-Mobile US was hacked by miscreants who may have stolen some customer information. The telco did not specify exactly when the intrusion took place (and has yet to respond to questions from The Register) in its Notice Of Data Breach.”

TechCrunch: A ‘stalkerware’ app leaked phone data from thousands of victims

TechCrunch: A ‘stalkerware’ app leaked phone data from thousands of victims. “The app, KidsGuard, claims it can ‘access all the information’ on a target device, including its real-time location, text messages, browser history, access to its photos, videos and app activities, and recordings of phone calls. But a misconfigured server meant the app was also spilling out the secretly uploaded contents of victims’ devices to the internet.”

ZDNet: 49 million user records from US data broker LimeLeads put up for sale online

ZDNet: 49 million user records from US data broker LimeLeads put up for sale online. “A hacker is currently selling a huge database of 49 million business contacts on a underground hacking forum, ZDNet has learned. The hacker claims the data belongs to LimeLeads, a San Francisco-based business-to-business (B2B) leads generator, which +makes its money by renting access to an internal database containing business contacts that can be used for pitches and sales.”

The Register: Why is a 22GB database containing 56 million US folks’ personal details sitting on the open internet using a Chinese IP address? Seriously, why?

The Register: Why is a 22GB database containing 56 million US folks’ personal details sitting on the open internet using a Chinese IP address? Seriously, why? . “A database containing the personal details of 56.25m US residents – from names and home addresses to phone numbers and ages – has been found on the public internet, served from a computer with a Chinese IP address, bizarrely enough.”

USA Today: ‘Hundreds of millions of people’ may have had their text messages exposed online, researchers say

USA Today: ‘Hundreds of millions of people’ may have had their text messages exposed online, researchers say. “A database housing millions of private SMS text messages was left open online for an extended period of time, a team of researchers at the online privacy company vpnMentor said Sunday. The Texas-based text messaging firm TrueDialog is thought to be responsible for the leak, the cybersecurity experts said.”