#Privacy: Over 7m Adobe Creative Cloud users exposed to hackers

Nearly 7.5 million Adobe Creative Cloud user records were left exposed due to an exposed, non-password protected Elasticsearch database. Security researcher Bob Diachenko, who worked alongside Comparitech, estimates that the database was exposed for about a week. However, it remains unknown as to whether anyone else gained unauthorised access to the database.  The exposed information […]

#Privacy: Religious website service found exposing customer data for months

Clover Sites has been exposing the personal data of its customers for at least half a year. Security Discovery researcher Jeremiah Fowler, discovered the non-password protected on May 22. The database contained 65,800 records of current and previous Clover Sites customers.  The records contained detailed information including customer names, billing information such as the last […]

#Privacy: Experts identify Whirlpool as owners of exposed database

An unusual web interface belonging to the Heartbeat monitoring service was discovered by security researcher Bob Diachenko.  The publicly accessible instance contained graphs and descriptions, to which the graphs were supported by a MongoDB-sourced data.  Additionally, the database itself was set on public and hosted on the same IP where the Heartbeat instance was.  Following […]

#Privacy: Over 20 million Russian tax records exposed online

An Elasticsearch database containing the tax records of over 20 million Russians were found publicly exposed. Security researcher Bob Diachenko working alongside with Comparitech, discovered the database on September 17, 2019. It was identified that since May 2018, the database had been exposed and that it did not require a password. It was found that […]

#Privacy: An online football accessories shop exposes its customer data

A popular online shop in Italy for football accessories, Calcioshop.it, have left its customer details exposed due to an unprotected database.  The open and unprotected Elasticsearch database was identified in early September, by security researcher Bob Diachenko.  Diachenko had discovered that the database contained an overwhelming 408,995 records, which contained the personal details of its […]

#privacy: Bold.com exposes thousands of records

Bold.com, a company that provides solutions that help jobseekers find jobs, and employers find people, exposed part of its internal infrastructure. In a blog post, security researcher Bob Diachenko discovered the unprotected Elasticsearch cluster on August 10.  The cluster contained thousands of records which belonged to the company’s infrastructure team and was not intended to […]

PrivSec:Report Weekly Roundup

Each week, PrivSec:Report presents the top 5 headlines from the week’s news and upcoming events in the privacy and security industry. This week PrivSec has covered a range of topics surrounding the following; accountability, threats, revelations and technological advancements, what a week! Give us answers! This week began on an investigative note. US lawmakers are […]

#privacy: Gartner exposed 1TB of data online

Discovered by researcher Bob Diachenko, an Elasticsearch cluster had been left on “public” visibility for at least eight months.  The cluster contained more than 1TB of data, and was found to belong to CEB Inc, a subsidiary of Gartner, a leading information technology research and advisory company.  Diachenko discovered the database on August 14, 2019 […]