Researchers have discovered a huge Google Cloud Storage bucket, found freely accessible on the internet and containing a treasure trove of personal information.
AI startup WotNot provides companies with the ability to create their own customized chatbot. The company reportedly has 3,000 customers including some household family names. But the way its solution is set up introduces an extra link in the chain in the flow of personally identifiable information (PII) from the customer to the company that deployed the chatbot, leaving an additional risk of exposure.
Read more…
Source: Malwarebytes Labs
Related:
- Amtrak data breach exposes 2.1M records, reports suggest larger leak
April 20, 2026
Booking a train ticket shouldn’t come with a side of data exposure, but that’s the situation Amtrak customers are now facing. The rail service is dealing with a breach after hackers claimed to have accessed and released millions of customer records online. The exposed dataset was confirmed to contain at least 2.1 million unique accounts, although ...
- App host Vercel says it was hacked and customer data stolen
April 20, 2026
Cloud app hosting giant Vercel this weekend said hackers had breached its internal systems and accessed customer data. Hackers have claimed they have stolen sensitive customer credentials from Vercel’s systems and are selling the data online. In a statement on Sunday, Vercel said the breach originated from another software maker, Context AI. One of Vercel’s employees ...
- Personal data held by NHS Shetland is breached more than 160 times in three years
April 17, 2026
Personal and sensitive data held by NHS Shetland was breached more than 160 times over the last three years, it can be revealed. Information given to The Shetland Times through a Freedom of Information (FoI) request showed there was 161 occassions where confidential data was leaked. Data was shown to be lost, stolen or left insecure ...
- Disgruntled researcher releases second major Windows zero-day
April 17, 2026
The same disgruntled researcher who recently disclosed a zero-day vulnerability in Windows has now done it again, this time targeting Microsoft Defender, the operating system’s native antivirus solution. A researcher with the alias “Chaotic Eclipse” has posted a proof-of-concept (PoC) exploit for a vulnerability they named “RedSun”. It is a local privilege escalation flaw that allows ...
- Patient medical data stolen in Chipsoft ransomware attack
April 17, 2026
Medical software company Chipsoft has confirmed that patient data was stolen in a ransomware attack last week, after initially telling clients that personal data was “probably” safe. The attack hit family doctors, rehabilitation clinics and the Rotterdam Eye Hospital, which all use Chipsoft’s cloud-hosted HiX 365 platform. Other hospitals that use the company’s technology on their ...
- Booking.com confirms hackers accessed customers’ data
April 13, 2026
Booking.com confirmed Monday that hackers may have accessed customers’ personal data, including names, email addresses, phone numbers, and booking details. The global travel and hotel reservation giant notified customers this past week of the breach, according to several online posts. “We’re writing to inform you that unauthorized third parties may have been able to access certain ...