Gizmodo: An Employee Surveillance Company Leaked Over 21 Million Screenshots Online. “With the refinement of digital tools, companies are subjecting their employees to increasing levels of surveillance — and increasing risks. Now, the security of thousands of employees and their parent companies is at risk after real-time images of their computers were leaked by an employee surveillance […]
#DataLeaks
The Register: From 112K to 4M folks’ data – HR biz attack goes from bad to mega bad. “Houston-based VeriSource Services’ long-running probe into a February 2024 digital break-in shows the data of 4 million people – not just a few hundred thousand as it first claimed – was accessed by an ‘unknown actor’. The tech company, which provides employee benefits administration services, began […]
Don’t store passwords in browsers.
Browsers are common malware targets.
#PasswordStorage #MalwareRisk #DataLeaks
Did you know❓
🏴☠️ On average, 1.4 billion social media accounts are compromised every month, that’s about 32 accounts every second.*
🛡️ Make sure to use strong passwords, avoid clicking suspicious links… and use Epieos to check if your passwords have been exposed in #dataleaks.
*Study conducted by Dr. Michelle Moore, Director of the Graduate Cyber Security Operations & Leadership program and Professor of Practice at the University of San Diego.
The HIPAA Journal: Blue Shield of California Announces Impermissible Disclosure of PHI to Google Ads: 4.7 Million Affected. “On April 9, 2025, the health insurance plan provider Blue Shield of California disclosed a web tracking-related privacy breach involving user data being shared with Google’s advertising product, Google Ads. The breach was recently reported to the HHS’ Office for […]
Techdirt: Whoops: T-Mobile Reveals Names, Real-Time Locations Of Customers’ Kids. “T-Mobile sells a GPS service called SyncUP that lets parents monitor the locations of their children (one of several similar apps like Life360), then turns around and monetizes these vast troves of data. Except that 404 Media was the first to report that an apparent bug with T-Mobile’s service resulted in […]
Sensitive Information Disclosure (SID) is a significant vulnerability where private data such as passwords, emails, internal docs, user credentials, IPs, business logic, source code, PII, payment information, or health records are unintentionally exposed. This occurs due to dev mistakes, misconfigurations, sketchy apps, or third-party integrations. Examples of real breaches include Tesla (2018), NASA (2018), Yahoo! (2014), Uber (2016), T-Mobile (2021), and Panama Papers (2016). To prevent SID, follow best practices like disabling directory listing, error silencing, secure secrets handling, API response verification, thoughtful file uploads, regular security tests, and bug bounty participation. #Cybersecurity #DataLeaks #InfoSec #BugBounty #DevOpsSecurity
After failing to properly write court documents with competitive evaluations, lawyers from Apple, Google and Snap expressed their annoyance at the lack of care with highly sensitive information.
A leak that did not go unnoticed in Silicon Valley #PrivacyFail #Meta #BigTech #DataLeaks #TechNews
🩹 You Can Have the Best Security, If Your Habits Are Trash #OPSEC #Cybersecurity #PrivacyMatters #Infosec #ThreatModel #Surveillance #Metadata #DigitalAnonymity #CyberGhost #Encryption #DataLeaks #CyberHygiene #OnlineSecurity #SecureHabits #DeadSwitch
BBC: Kink and LGBT dating apps exposed 1.5m private user images online. “Researchers have discovered nearly 1.5 million pictures from specialist dating apps – many of which are explicit – being stored online without password protection, leaving them vulnerable to hackers and extortionists. Anyone with the link was able to view the private photos from five platforms developed by M.A.D […]
💀 There are entire Telegram channels dedicated to selling your leaked data.
We’re talking:
✅ Full ID bundles (name, address, SSN, license/passport)
✅ Hacked medical records
✅ Database dumps from past breaches
📌 If you’ve uploaded your ID or personal info, it could be there.
📌 Use Optery or Incogni to remove exposed data
📌 Freeze credit. Monitor accounts. Stay alert.
Micah Lee: Exploring the Paramilitary Leaks. “It’s come to my attention that this dataset is rather challenging for journalists and researchers to wrap their heads around. I wrote a book, Hacks, Leaks, and Revelations, aimed at teaching journalists and researchers how to analyze datasets just like this. I’m also quite interested in what’s in here myself – this is one of the only datasets […]
https://rbfirehose.com/2025/03/23/micah-lee-exploring-the-paramilitary-leaks/
Japanese telecommunication services provider #NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident. #DataLeaks #CyberAttacks https://www.bleepingcomputer.com/news/security/data-breach-at-japanese-telecom-giant-ntt-hits-18-000-companies/
#CyberAlerts NTT Communications #Japan
#NTT Com Confirms Potential Information Leak due to Unauthorized System Access
#TOKYO, JAPAN, March 5, 2025 — NTT Communications Corporation (NTT Com), announced today that on February 5th, it determined that unauthorized access to its systems had occurred. On the following day, the company established that certain information may have been leaked.
#DataLeaks #CyberAttacks
#Internet https://www.ntt.com/en/about-us/press-releases/news/article/2025/0305_2.html
ICYMI: RainSMediaRadio NewsMeta Fires 20 Employees Over Alleged Data Leaks and Confidentiality Breaches https://www.rainsmediaradio.com/2025/03/meta-fires-20-employees-over-alleged.html?utm_source=dlvr.it&utm_medium=mastodon Follow, Like & Share #Meta #DataLeaks #Privacy #Cybersecurity #SocialMedia
HIPAA Journal: Clinical Trials Database Containing 1.6 Million Records Exposed Online. “A database containing approximately 1.6 million clinical trial records has been exposed over the Internet and could be accessed without a password. The 2 TB database was found by cybersecurity researcher Jeremiah Fowler, who reports that the database contains 1,674,218 records, including PDF survey results […]
Tom’s Hardware: Security researcher finds vulnerability in internet-connected bed, could allow access to all devices on network. “Dylan Ayrey has released an extended blog with the help of Jake King highlighting the security flaws of the Eight Sleep and the steps he ended up taking to make them no longer an issue, particularly in the face of features that wounded up locked behind a […]
"Hackers leaked thousands of files from Lexipol, a Texas-based company that develops policy manuals, training bulletins, and consulting services for first responders.
The manuals, which are crafted by Lexipol’s team of public sector attorneys, practitioners, and subject-matter experts, are customized to align with the specific needs and local legal requirements of agencies across the country.
But the firm also faces criticism for its blanket approach to police policies and pushback on reforms.
The data, a sample of which was given to the Daily Dot by a group referring to itself as “the puppygirl hacker polycule,” includes approximately 8,543 files related to training, procedural, and policy manuals, as well as customer records that contain names, usernames, agency names, hashed passwords, physical addresses, email addresses, and phone numbers.
Among the manuals seen by the Daily Dot, agencies include police departments, fire departments, sheriff’s offices, and narcotics units."
https://www.dailydot.com/debug/lexipol-data-leak-puppygirl-hacker-polycule/
Hewlett Packard Enterprise (HPE) is notifying employees whose data was stolen from the company's Office 365 email environment by Russian state-sponsored hackers in a May 2023 cyberattack. #OpIsrael #DataLeaks
https://www.bleepingcomputer.com/news/security/hpe-notifies-employees-of-data-breach-after-russian-office-365-hack/
The Register: Guess who left a database wide open, exposing chat logs, API keys, and more? Yup, DeepSeek . “Wiz, a New York-based infosec house, says that shortly after the DeepSeek R1 model gained widespread attention, it began investigating the machine-learning outfit’s security posture. What Wiz found is that DeepSeek – which not only develops and distributes trained openly available […]
Client Info
Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst