Breaches and leaks

As I wrote last week, I'm starting to filter this section a bit more strictly, to prevent it from overwhelming the newsletter.
Please don't let that stop you from securing all your Elasticsearch databases, s3 buckets and MongoDB instances. Thank you.

  • Swedish Healthcare Guide service: exposed recordings of 2.7 million phone calls on an open webserver since 2013. Slow, bitter clap.
  • Indian LPG gas company: Leaked personal data, including the Adhaar biometric ID numbers, of 6.7 million people.
  • 137 US restaurants had their point-of-sale systems (= the payment terminals) compromised with malware, which had access to credit cards used in January: link.
  • Speaking of point-of-sale systems: Wendy's has to pay $50 million in settlements for a POS breach in 2015: link.
Dieter Van der Stock