A curated list of the top stories of the week concerning data leaks and digital threats.
By Zack Whittaker, May 20, 2019, TechCrunch
A massive database containing contact information of millions of Instagram influencers, celebrities, and brand accounts has been found online. The database, hosted by Amazon Web Services, was left exposed and without a password, allowing anyone to look inside.
By Bobby Hellard, May 20, 2019, ITPro
The OGUser.com forum, which is used by hackers that conduct SIM card swaps to seize control over victims’ phone numbers, has itself been hacked, exposing the email addresses, hashed passwords, IP addresses, and private messages of nearly 113,000 forum users.
By Zack Whittaker, May 17, 2019, TechCrunch
The developer knowledge sharing site confirmed a breach of its systems, resulting in unauthorized access to production systems — the front-facing servers that actively power the site. The company said the intrusion on the website began about a week earlier and “a very small number” of users had some data exposed.
By J.M Porup, May 20, 2019, CSO Online
IT services giant HCL left employee passwords exposed online, as well as customer project details, and other sensitive information, all without any form of authentication. In particular, it exposed new employee data: names, mobile numbers, recruiter names, usernames, cleartext passwords, and more.
By Pierluigi Paganini, May 18, 2019, Security Affairs
Over 20,000 Linksys wireless routers are leaking full historical records of every device ever connected to them. The leaked information includes devices’ unique identifiers, names, and operating systems.