Activist Leaks Files From a Data Broker for Demoing its Software With ICE

Joseph Cox reports: To protest a data broker giving trial accounts of their product to U.S. Immigrations and Customs Enforcement, a source has provided Motherboard with internal files of Sayari, a company that collects and resells access to data on citizens from more than a hundred different countries. Sayari’s data banks include physical addresses,...

Indian onlinebloodbank FINALLY secures exposed donors database

It’s been a frustrating matter, but it may finally be resolved, thanks to the individual known as @fs0ciety on Twitter. In May 2019, DataBreaches.net was alerted to an online bloodbank in India that had a misconfigured Amazon s3 bucket. Despite repeated emails by this site and even a phone call from Banbreach infosec in...

Court approves extradition of young hacker to US

Jonathan Shkurko reports: Joshua Epiphaniou will be the first Cypriot to be extradited to the United States after a Nicosia court ruled he should stand trial there, his lawyer Michael Chambers said. He faces 20 years in prison in two US states – Georgia and Arizona – where he faces several charges including wire...

Startup vulnerability leaves Queer Chart student data exposed

Paxton Scott reports: A security flaw allowed users of Queer Chart, a startup founded by Stanford students to link members of the campus queer community, to access all users’ names, profile pictures, email addresses, dates of birth, pronouns, schools and anonymous IDs, its founders have acknowledged. An anonymous ID is meant to allow a...

Macy’s Customer Payment Info Stolen in Magecart Data Breach

Lawrence Abrams reports: Macy’s has announced that they have suffered a data breach due to their web site being hacked with malicious scripts that steal customer’s payment information. This type of compromise is called MageCart attack and consists of hackers compromising a web site so that they can inject malicious JavaScript scripts into various...