A considerable chunk of the Conti ransomware gang's internal communications is now available due to a data leak, and may threaten the future of the group.
Researchers discovered thousands of Amazon RDS snapshots shared publicly either accidentally or deliberately that were inadvertently leaking clients’ personally identifiable information (PII).
One would hope that credit bureau Experian had learned a lesson about data leaks but the agency has a new API security vulnerability that appears to have leaked the credit scores of nearly every American that has one.
Brazil's Ministry of Health website data leak exposed medical records of 243 million living and deceased Brazilians after database access credentials were saved in the source code.
China-based game developer exposed personal information and transaction records of nearly 6 million Battle for the Galaxy players in an unsecured ElasticSearch data leak.
Prestige Software exposed sensitive personal and credit card information of over 10 million clients and database with 5.8 million customer records from the RedDoorz breach was put on sale.
Hackers published a list of 50,000 Fortinet VPN credentials stolen from vulnerable devices. A second data leak dumped sslvpn_websession files for every IP initially compromised.
Vulnerability in Twitter's API in 2021 caused a data leak that exposed private user profile information of at least 5.4 million users. The information is now available for free via a dark web forum.
The personal data of 1 billion China citizens, or about two-thirds of the country's entire population, appears to be available for sale on an underground forum after a data leak.
The Pegasus spyware sold by NSO Group, supposed to only be available to law enforcement and intelligence agencies for legitimate and legal uses, appears to be widely available to repressive governments with little oversight.