ElasticSearch

Microsoft data breach exposes 250 million customer service and support records

Red faces at Microsoft after a security researcher discovered an internal customer support database had been left exposed for anyone on the internet to access – no password required.

bitdefender.com

Peekaboo Moments app left baby videos, photos, and 800,000 users’ email addresses exposed on the internet

The developer of a smartphone app has carelessly left a database accessible to anybody with an internet connection, leaving exposed a database of millions of records containing baby videos and photos, as well as the email addresses of users.

Read more in my article on the Hot for Security blog.

bitdefender.com

Police raids after data on most of Ecuador’s citizens leaks online

If you’re a citizen of Ecuador, chances are that you’ve had your personal and financial information exposed after an ElasticSearch server was left unsecured.

Victims even include Wikileaks founder Julian Assange…

tripwire.com

Exposed internal database reveals vulnerable unpatched systems at Honda

Automotive giant Honda has shut down an exposed database that contained sensitive information about the security – specifically the weak points – of its internal network.

Read more in my article on the Tripwire State of Security blog.

B&Q data leak exposes information on 70,000 thefts from its stores, including names of suspected offenders

A database of 70,000 offender and incident logs was only supposed to be accessible internally within UK hardware store B&Q, but was instead exposed for anyone to access – no password required.

So you’d expect B&Q to fix this pretty quickly after being told about the problem, right?

tripwire.com

Hitherto unknown marketing firm exposed hundreds of millions of Americans’ data

The detailed personal information of 230 million consumers and 110 million business contacts – including phone numbers, addresses, dates of birth, estimated income, number of children, age and gender of children – has been left exposed for anyone on the internet to grab.

Read more in my article on the Tripwire State of Security blog.

heatsoftware.com

Sysadmins who fail to change default configurations, leave petabytes of data at risk

Sysadmins – if you don’t change the default settings, there’s a danger that you could be exposing your company’s secret data to the rest of the world.

Read more in my article on the Lumension State of Security blog.