After threatening me with legal action, Keepnet Labs finally issues statement over data breach

UK security company Keepnet Labs has finally publicly confirmed that a database it had collated containing more than five billion records from past data breaches was “briefly exposed” on the internet.

Security firm leaves more than five billion records exposed on unsecured database

A massive database, containing more than five billion records derived from past security breaches between 2012 and 2019, has been left unprotected, without any password protection on the internet.

And who left it exposed? A security firm.

Microsoft data breach exposes 250 million customer service and support records

Red faces at Microsoft after a security researcher discovered an internal customer support database had been left exposed for anyone on the internet to access – no password required.


Peekaboo Moments app left baby videos, photos, and 800,000 users’ email addresses exposed on the internet

The developer of a smartphone app has carelessly left a database accessible to anybody with an internet connection, leaving exposed a database of millions of records containing baby videos and photos, as well as the email addresses of users.

Read more in my article on the Hot for Security blog.


Police raids after data on most of Ecuador’s citizens leaks online

If you’re a citizen of Ecuador, chances are that you’ve had your personal and financial information exposed after an ElasticSearch server was left unsecured.

Victims even include Wikileaks founder Julian Assange…


Exposed internal database reveals vulnerable unpatched systems at Honda

Automotive giant Honda has shut down an exposed database that contained sensitive information about the security – specifically the weak points – of its internal network.

Read more in my article on the Tripwire State of Security blog.

B&Q data leak exposes information on 70,000 thefts from its stores, including names of suspected offenders

A database of 70,000 offender and incident logs was only supposed to be accessible internally within UK hardware store B&Q, but was instead exposed for anyone to access – no password required.

So you’d expect B&Q to fix this pretty quickly after being told about the problem, right?


Hitherto unknown marketing firm exposed hundreds of millions of Americans’ data

The detailed personal information of 230 million consumers and 110 million business contacts – including phone numbers, addresses, dates of birth, estimated income, number of children, age and gender of children – has been left exposed for anyone on the internet to grab.

Read more in my article on the Tripwire State of Security blog.


Sysadmins who fail to change default configurations, leave petabytes of data at risk

Sysadmins – if you don’t change the default settings, there’s a danger that you could be exposing your company’s secret data to the rest of the world.

Read more in my article on the Lumension State of Security blog.