Millions of records containing sensitive, personally identifiable information, were sitting online in yet another unencrypted, non-password-protected database, experts have warned.
Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and was 12.2TB in total size. It belongs to a company called Passion.io, a Delaware-based no-code app-building platform that allows creators, influencers, entrepreneurs, and coaches, to create websites without having any prior coding knowledge. They can also create, and sell, interactive courses.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- T-Mobile Fined $60 Million to Settle Alleged National Security Violations
August 15, 2024
Wireless company T-Mobile US has agreed to pay about $60 million to settle allegations it failed to promptly report incidents of unauthorized data access in violation of a national security agreement that allowed its merger with rival Sprint, according to senior U.S. government officials. The civil penalty, announced Wednesday by the Committee on Foreign Investment in ...
- Hong Kong urged to fast-track privacy law reforms amid surge in data breaches
August 15, 2024
Hong Kong should speed up privacy law reforms aimed at penalising companies over data breaches, a cybersecurity expert and a lawmaker have said after hundreds of thousands of residents had their personal information exposed amid a spate of leaks. The calls were made on Thursday, a day after the city’s privacy watchdog launched an investigation into ...
- Kootenai Health cyber attack impacts 464,000 patients
August 15, 2024
US healthcare provider Kootenai Health has revealed that data belonging to 464,000 patients has been compromised following a cyber attack. The non-profit health system, based in Coeur d’Alene, Idaho, said it was alerted to a potential data breach in March 2024 after noticing “unusual activity that disrupted access to certain IT systems”. Following an investigation, Kootenai ...
- Cyber attack on councils across Greater Manchester leaves thousands vulnerable to phishing scam
August 14, 2024
A cyber attack on councils across Greater Manchester has left thousands of residents vulnerable to a phishing scam. The attack, which initially hit one borough last week and spread over the weekend, on software company Locata downed the housing websites for Manchester, Salford and Bolton councils. It has also led to thousands of users being sent ...
- Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware disaster
August 14, 2024
Biotech biz Enzo Biochem is being forced to pay three state attorneys general a $4.5 million penalty following a 2023 ransomware attack that compromised the data of more than 2.4 million people. New York’s attorney general Letitia James announced the news on Tuesday after an investigation into Enzo’s incident concluded, finding various cybersecurity malpractices that led ...
- 5G network flaws could be abused to let hackers spy on your phone
August 12, 2024
5G basebands could be exploited by attackers to allow them to send fake messages to your contacts, or even hand over your credentials using a very real-looking website, experts have warned. Unveiled at the Black Hat cybersecurity conference, a research group from Pennsylvania State University presented their vulnerability sniffing tool 5GBaseChecker. Read more… Source: MSN News Sign up for ...