45 Million Medical Images Left Exposed Online

More than 45 million medical images—and the personally identifiable information (PII) and personal healthcare information (PHI) associated with them–have been left exposed online due to unsecured technology that’s typically used to store, send and receive medical data, new research has Read More …

Personal data of 16 million Brazilian COVID-19 patients exposed online

The personal and health information of more than 16 million Brazilian COVID-19 patients has been leaked online after a hospital employee uploaded a spreadsheet with usernames, passwords, and access keys to sensitive government systems on GitHub this month. Among the Read More …

Singapore investigating claims Muslim app developer sold user data to US military

Singapore is investigating claims that local-based mobile app, Muslim Pro, has sold “granular location data” to the US military. Clocking more than 98.5 million downloads worldwide, the popular prayer tracking app has denied the allegations, saying it shares only anonymised Read More …

German COVID-19 Contact-Tracing Vulnerability Allowed RCE

A security vulnerability in the infrastructure underlying Germany’s official COVID-19 contact-tracing app, called the Corona-Warn-App (CWA), would have allowed pre-authenticated remote code execution (RCE). Researcher Alvaro Muñoz wrote in a report this week that he and his team at GitHub Read More …

COVID-19 Data-Sharing App Leaked Healthcare Worker Info

A platform used by healthcare workers in the Philippines designed to share data about COVID-19 cases contained multiple flaws that exposed healthcare worker data and could potentially could have leaked patient data. Vulnerabilities found in both the COVID-KAYA platform’s web Read More …

Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak

A widely used hotel reservation platform has exposed 10 million files related to guests at various hotels around the world, thanks to a misconfigured Amazon Web Services S3 bucket. The records include sensitive data, including credit-card details. Prestige Software’s “Cloud Read More …

Marriott fined £18.4 million by UK watchdog over customer data breach

The Information Commissioner’s Office (ICO) has fined Marriott £18.4 million over a 2014 data breach, heavily reducing the penalty originally planned due to COVID-19 disruption. The Marriot hotel group was subject to a 2014 data breach impacting the Starwood resort Read More …

Singapore’s worst-ever data breach prompted the nation to bolster its cyber defences

In 2018, Singapore suffered its worst ever data breach when inadequate cybersecurity at SingHealth saw a quarter of the population’s medical records stolen. The subsequent official review recommended remedies that should already be basic security policies. Two years after the Read More …

Data watchdog issues biggest ever fine over airline cyberattack

British Airways has been fined £20 million for “unacceptable” failures that led to personal details of hundreds of thousands of customers’ data being being stolen by hackers in 2018. The fine represents the largest financial penalty issued by the UK’s Read More …

Hackers leak details of 1,000 high-ranking Belarus police officers

A group of hackers has leaked on Saturday the names and personal details of more than 1,000 high-ranking Belarusian police officers in response to violent police crackdowns against anti-government demonstrations. The leaked data included names, dates of birth, and the Read More …