Exposure

Rallyhood exposed a decade of users’ private data

Zack Whittaker reports on a 4.1 terabyte leak found by a researcher using the handle “Timeless:” Rallyhood boasts users from Girl Scout and Boy Scout troops, and Komen, Habitat for Humanities, and YMCA factions. The company also hosts thousands of smaller groups, like local bands, sports teams, art clubs, and organizing committees. Many flocked...

Personal health information of nearly 2,900 Queen’s patients sent to wrong email address

The Star Advertiser reports: An employee sent an email containing personal health information for 2,852 patients of The Queen’s Medical Center and Queen’s North Hawaii Community Hospital to the wrong address on Feb. 3, Queen’s officials announced today. No Social Security numbers or financial account information was included, so patients’ financial security is not...

Celeb Shout-Out App Cameo Exposes Private Videos and User Data

Joseph Cox reports: Cameo, the increasingly popular app for paying celebrities to record short personal videos, exposed a wealth of user data including email addresses, hashed and salted passwords and phone numbers, and messages via a misconfiguration in its app. The site also has an issue where videos that are supposed to be private...

Household Names: How Tetrad Exposed Data on 120 Million Consumers

From UpGuard: The UpGuard Research team can now disclose that a collection of data sets detailing the purchasing habits and consumer behavior profiles of virtually every American household has been secured. The publicly exposed data comes from market analysis company Tetrad but includes data blended from many sources, including Experian Mosaic, Claritas/Nielsen’s PRIZM, and...

A ‘stalkerware’ app leaked phone data from thousands of victims

Zack Whittaker reports: A spyware app designed to “monitor everything” on a victim’s phone has been secretly installed on thousands of phones. The app, KidsGuard, claims it can “access all the information” on a target device, including its real-time location, text messages, browser history, access to its photos, videos and app activities, and recordings of...